
Malwarebytes suspicious activity

Posted: 10 Apr 2022 12:41
by EI3ki
Hello,
for the last few days a Malwarebytes notification about a blocked website / exploit has been popping up quite often. At first it only concerned certain programs such as the Acronis True Image updater, and the notification appeared at most about once a week:
Image

later the Asus framework was added to that:
Image

again, a notification from time to time; I didn't deal with it.
But then in a single day I got about 10 notifications, one after another:
Image
Image

and today a notification even came from Steam:
Image

I don't know what to make of it. My PC is protected by Norton 360 antivirus and Malwarebytes anti-malware with active protection; I scanned the PC with both programs as well as with TDSS and KVRT and found nothing.
Following the guide, I am attaching the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2022
Ran by PROXIMA (administrator) on PROXIMA (Gigabyte Technology Co., Ltd. X570 AORUS PRO) (10-04-2022 13:33:14)
Running from D:\STAHOVÁNÍ
Loaded Profiles: PROXIMA
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1586 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\SwAgent\ArmourySwAgent.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Origin\Origin.exe ->) (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <17>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe ->) (Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe <8>
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe
(C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.UserSessionHelper.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(cmd.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(Discord Inc. -> Discord Inc.) C:\Users\PROXIMA\AppData\Local\Discord\app-1.0.9004\Discord.exe <6>
(explorer.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Ubisoft Entertainment Sweden AB -> Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(MICRO-STAR INTERNATIONAL CO., LTD) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.123.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(services.exe ->) (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.) C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.22.2.10\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.22.2.10\nsWscSvc.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\KINGSTON_Aac_DRAM\AacKingstonDramHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\AacExtCard\extensionCardHal_x86.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS_Aac_DRAM\Aac3572DramHal_x86.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.252.0_x64__dt26b99r8h8gj\RtkUWP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_b022f456c858acec\RtkAudUService64.exe [1269672 2021-07-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [637784 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe (No File)
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: c:\windows\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-07] (Google LLC -> Google LLC)
Startup: C:\Users\PROXIMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.lnk [2022-03-28]
ShortcutTarget: DesktopVideoPlayer.lnk -> C:\Users\PROXIMA\AppData\Local\vghd\bin\vghd.exe (Totem Core Limited) [File not signed]
Startup: C:\Users\PROXIMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2022-03-20]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {003F7941-9EF9-41A5-B39D-DE5052C6F152} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F3891B4-9EBF-495A-A97D-F38D5BF47B4A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1009872 2021-11-02] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {19F9522C-3D40-4F6D-8E9A-ECF7DA9C58CF} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files\Norton Security\Engine\22.22.2.10\SymErr.exe [108752 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {1A8A140C-5602-4AF8-BC05-3095A13771F9} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {228B4FDC-5DD6-4050-B518-1D2518B67B68} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647376 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {229DF518-AC73-4B8A-B259-37F99956FA9B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [39584 2022-03-21] (HP Inc. -> HP Inc.)
Task: {271D8884-3ABE-4297-B36D-90FFD7A62A37} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {34A1E781-6FAC-4878-B026-E7E2A2D2A55D} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files\Norton Security\Engine\22.22.2.10\SymErr.exe [108752 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {3C553D2A-1313-4F33-8368-94F756221114} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AD5C56E-1B9F-439D-BD30-54A3850C458D} - System32\Tasks\ASUS\ASUSUpdateTaskMachineUA => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-09-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {4CEE3B05-E3E5-40C1-8BA1-006FA23157A4} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (No File)
Task: {56A68A1A-487F-4B23-A4DF-AD68CD5A30D2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {57C021B5-713E-4BFD-BF6F-ADE67561EA00} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1781072 2021-12-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {59B501DC-A298-4BC2-B21F-AAFB7CA2F6A2} - System32\Tasks\MSI Task Host - MSI.True Color => C:\Program Files (x86)\MSI\One Dragon Center\True Color\MSI.True Color.exe [47416 2021-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {59ECF0A8-B2EB-4EAD-A939-6C0D8548017E} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.22.2.10\WSCStub.exe [646520 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {68573E22-C8AD-4FC7-B69B-42A839A3E7D5} - System32\Tasks\ASUS\ArmourySocketServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe [2248120 2021-12-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {6D50F2BB-AE5A-43CE-AA6F-1B779732A3A3} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [39584 2022-03-21] (HP Inc. -> HP Inc.)
Task: {73C0A417-6D9E-418B-BB50-C96050178386} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {76021797-89D9-4091-8CE7-CE86AC6C20CD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Task: {77F0687B-025E-4AA7-BAC5-66770193C104} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138680 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {836459C1-20F3-430F-B4B4-430DDF93CDA4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9AC3D692-672F-4A4F-9565-79CE0214FADC} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {A884348C-F639-4957-A56C-A64BAF2BA339} - System32\Tasks\CCleanerSkipUAC - PROXIMA => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AA294346-A9B0-47E4-8A45-E8214D4152CA} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {AF7EB1E4-C049-4A73-93C0-0072C994BFB1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {B65258BE-7A92-4319-884B-26586693516D} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files\Norton Security\Engine\22.22.2.10\SymErr.exe [108752 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {B7CFFF60-2A36-4F1F-B7EF-A2E6983772B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Task: {D04571CB-06CE-4010-90FA-571DA967A525} - System32\Tasks\ASUS\AcPowerNotification => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe [115464 2021-12-17] (ASUSTeK Computer Inc. -> ASUS)
Task: {D656104E-D848-4E40-9318-1A855759BDA5} - System32\Tasks\ASUS\ASUSUpdateTaskMachineCore1d68540ff86a61f => C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-09-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {E4C719A0-C72C-462A-865C-F7579C499708} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61336 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA17F951-1A95-4272-92E4-AEFF23A0ED80} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {EC360C9E-BC90-428E-9E0C-8EDC4E55FCE9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22865832 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0EFD96E-42CD-4929-BF75-59F6C3C12E73} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {F2A9A347-ED09-4A16-A296-EF5E81AA1B86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {F337B9C8-FF4B-4364-A34B-8F59ED9A14B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Task: {F3C77CA8-120C-47EB-97B4-6AA103814DF3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FEF043D0-245B-41C6-BAF5-896A3A4982F1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1656320 2022-01-28] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{15d3c97b-5dc3-48f2-9901-03272a120b8d}: [DhcpNameServer] 86.49.5.221 86.49.5.222

Edge:
=======
DownloadDir: D:\STAHOVÁNÍ
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\PROXIMA\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-04-05]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PROXIMA\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default [2022-04-10]
CHR DownloadDir: D:\STAHOVÁNÍ
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-13]
CHR Extension: (Norton Password Manager) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2022-03-31]
CHR Extension: (Docs) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-13]
CHR Extension: (Google Drive) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-13]
CHR Extension: (YouTube) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-13]
CHR Extension: (Slinky Elegant) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2020-11-13]
CHR Extension: (Tampermonkey) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-02-19]
CHR Extension: (Sheets) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-13]
CHR Extension: (Norton Safe Web) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2022-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-12]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-09]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Extension: (Gmail) - C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-13]
CHR Profile: C:\Users\PROXIMA\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-27]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9031480 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [13716704 2021-10-22] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1420344 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1704216 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2021-12-25] (Acronis International GmbH -> )
R2 ArmouryCrateService; C:\Program Files\ASUS\ARMOURY CRATE Lite Service\ArmouryCrate.Service.exe [349408 2022-01-16] (ASUSTEK COMPUTER INCORPORATION -> ASUSTeK COMPUTER INC.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 asus; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-09-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [181576 2022-01-16] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
S3 asusm; C:\Program Files (x86)\ASUS\Update\AsusUpdate.exe [168520 2020-09-07] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusROGLSLService; C:\Program Files (x86)\ASUS\AsusROGLSLService\AsusROGLSLService.exe [660096 2020-09-07] (ASUSTeK Computer Inc. -> ASUS)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-12-09] (FUTUREMARK INC -> Futuremark)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-21] (HP Inc. -> HP Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [3683496 2021-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-03] (Malwarebytes Inc -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4878896 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\mobile_backup_status_server.exe [2133920 2021-10-22] (Acronis International GmbH -> )
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.22.2.10\NortonSecurity.exe [344888 2022-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.22.2.10\nsWscSvc.exe [1059176 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1699192 2020-06-11] (O&O Software GmbH -> O&O Software GmbH)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2563288 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481824 2022-02-22] (Electronic Arts, Inc. -> Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1856816 2021-08-04] (Rockstar Games, Inc. -> Rockstar Games)
R2 ROG Live Service; C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe [6101680 2021-12-17] (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6228008 2022-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7403104 2021-10-22] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2021-03-23] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-10-21] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\WINDOWS\system32\drivers\AsIO3.sys [43168 2022-01-16] (ASUSTeK Computer Inc. -> )
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [802976 2021-10-22] (Bitdefender SRL -> Bitdefender)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\BASHDefs\20220407.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\ccSetx64.sys [184312 2022-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R3 cpuz152; C:\WINDOWS\temp\cpuz152\cpuz152_x64.sys [35840 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2022-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2021-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 EneTechIo; C:\Windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [726160 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2020-12-01] (Acronis International GmbH -> Acronis International GmbH)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-01-27] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.19.9.63\Definitions\IPSDefs\20220408.061\IDSvia64.sys [1515512 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2018-10-05] (Logitech -> Logitech Inc.)
R3 LGSUsbFilt; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [41752 2018-10-05] (Logitech -> Logitech Inc.)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195024 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [158856 2022-04-09] (Malwarebytes Inc -> Malwarebytes)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [17424 2020-01-19] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
S0 ngelam; C:\WINDOWS\System32\drivers\ngelam.sys [16344 2021-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [198112 2021-10-22] (Acronis International GmbH -> Acronis International GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\nsvst.sys [56080 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R1 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\SRTSP64.SYS [892600 2022-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\SRTSPX64.SYS [48824 2022-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\SYMEFASI64.SYS [2030768 2022-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\SymELAM.sys [31984 2022-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.19.9.63\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\Ironx64.SYS [319152 2022-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\symnets.sys [575344 2022-03-04] (Symantec Corporation -> Symantec Corporation)
R3 SymTAP; C:\WINDOWS\System32\drivers\SymTAP.sys [52104 2018-10-16] (Symantec Corporation -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [175648 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [340488 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-12-25] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-27] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1616020.00A\wpCtrlDrv.sys [1015760 2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
S3 cpuz150; \??\C:\WINDOWS\temp\cpuz150\cpuz150_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 13:32 - 2022-04-10 13:33 - 000000000 ____D C:\FRST
2022-04-09 20:43 - 2022-04-09 20:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2022-04-09 12:53 - 2022-04-09 13:00 - 000000000 ____D C:\WINDOWS\SysWOW64\lock.lock
2022-04-09 12:53 - 2022-04-09 12:53 - 000195024 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-04-09 12:53 - 2022-04-09 12:53 - 000158856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-04-09 12:53 - 2022-04-09 12:53 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-04-09 12:50 - 2022-04-09 12:50 - 000001133 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2022-04-09 12:48 - 2022-04-09 12:49 - 000351096 _____ C:\TDSSKiller.3.1.0.28_09.04.2022_12.48.40_log.txt
2022-04-03 21:11 - 2022-04-03 21:12 - 000349354 _____ C:\TDSSKiller.3.1.0.28_03.04.2022_21.11.43_log.txt
2022-04-03 21:10 - 2022-04-03 21:10 - 000009588 _____ C:\TDSSKiller.3.1.0.28_03.04.2022_21.10.25_log.txt
2022-04-03 21:09 - 2022-04-03 21:09 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-31 16:06 - 2022-03-31 16:06 - 000000000 ____D C:\Users\PROXIMA\Documents\Ubisoft
2022-03-31 16:05 - 2022-03-31 16:05 - 000000222 _____ C:\Users\PROXIMA\Desktop\HEROES.url
2022-03-29 23:33 - 2022-03-29 23:33 - 000846896 _____ C:\Users\PROXIMA\Desktop\návrh kupní smlouvy - oprava.pdf
2022-03-27 10:01 - 2022-03-27 10:01 - 000000000 ____D C:\Users\PROXIMA\Desktop\POJIŠTĚNÍ
2022-03-27 09:23 - 2022-03-27 09:23 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\NVIDIA
2022-03-27 00:38 - 2022-03-27 00:38 - 000023146 _____ C:\Users\PROXIMA\Documents\registry 26.03.2022.reg
2022-03-26 23:45 - 2022-03-26 23:45 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-03-26 23:45 - 2022-03-26 23:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2022-03-26 23:43 - 2022-03-17 18:33 - 000134832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-03-26 23:43 - 2022-03-17 18:33 - 000047792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001905904 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-26 23:36 - 2022-03-18 07:43 - 001905904 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-26 23:36 - 2022-03-18 07:43 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-26 23:36 - 2022-03-18 07:43 - 001478392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-26 23:36 - 2022-03-18 07:43 - 001467840 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001209400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-26 23:36 - 2022-03-18 07:43 - 001145584 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-26 23:36 - 2022-03-18 07:40 - 000795704 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-26 23:36 - 2022-03-18 07:40 - 000715944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-26 23:36 - 2022-03-18 07:40 - 000636480 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 002121688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 001600680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 001529936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 001175696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 000981648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 000792208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-26 23:36 - 2022-03-18 07:39 - 000712664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-26 23:36 - 2022-03-18 07:38 - 008610472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-26 23:36 - 2022-03-18 07:38 - 007713872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-26 23:36 - 2022-03-18 07:38 - 005729752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-26 23:36 - 2022-03-18 07:38 - 005101528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-26 23:36 - 2022-03-18 07:38 - 002931856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-26 23:36 - 2022-03-18 07:38 - 000456872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-26 23:36 - 2022-03-18 07:36 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-26 23:36 - 2022-03-18 07:35 - 007611808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-03-26 23:36 - 2022-03-18 07:35 - 006458872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-26 23:36 - 2022-03-17 18:33 - 000089337 _____ C:\WINDOWS\system32\nvinfo.pb
2022-03-23 20:51 - 2022-03-23 20:51 - 000000000 ____D C:\Users\PROXIMA\AppData\LocalLow\NVIDIA
2022-03-21 18:34 - 2022-03-21 18:34 - 000000050 _____ C:\Users\PROXIMA\Desktop\čísla účtů.txt
2022-03-16 00:10 - 2022-03-27 00:00 - 000001585 _____ C:\Users\Public\Desktop\NORTON.lnk
2022-03-15 15:15 - 2022-04-10 01:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2022-03-15 15:10 - 2022-03-16 00:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2022-03-15 15:10 - 2022-03-15 15:10 - 000003376 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2022-03-11 16:58 - 2022-03-11 16:58 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 16:58 - 2022-03-11 16:58 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 16:58 - 2022-03-11 16:58 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 16:58 - 2022-03-11 16:58 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 16:58 - 2022-03-11 16:58 - 000195584 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2022-03-11 16:58 - 2022-03-11 16:58 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 13:34 - 2022-02-15 17:43 - 000000000 ____D C:\Users\PROXIMA\Documents\Soubory aplikace Outlook
2022-04-10 13:29 - 2020-11-13 17:37 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-10 13:19 - 2020-11-13 17:47 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\Discord
2022-04-10 13:19 - 2020-01-27 05:47 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-10 12:55 - 2020-11-13 17:51 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\Discord
2022-04-10 12:25 - 2022-01-16 15:27 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-10 12:07 - 2020-05-29 22:13 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\vlc
2022-04-10 11:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-10 10:49 - 2020-01-29 23:33 - 000000000 ____D C:\Program Files\CCleaner
2022-04-10 10:47 - 2021-02-13 17:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6dd2c7584dd01
2022-04-10 10:47 - 2020-12-28 17:18 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-10 10:46 - 2021-09-25 23:32 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\Origin
2022-04-10 10:46 - 2020-12-28 17:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-10 01:24 - 2020-01-29 03:36 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\CrashDumps
2022-04-09 18:04 - 2022-01-16 15:26 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\D3DSCache
2022-04-09 15:24 - 2020-11-13 17:49 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\HeroineRumble
2022-04-09 15:17 - 2021-09-25 23:33 - 000000000 ____D C:\Program Files (x86)\Origin
2022-04-09 14:08 - 2022-01-16 15:49 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-04-09 13:00 - 2020-12-28 17:21 - 001974168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-09 13:00 - 2020-12-28 17:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2022-04-09 13:00 - 2020-01-28 20:22 - 000000000 ____D C:\ProgramData\Package Cache
2022-04-09 13:00 - 2019-12-07 16:43 - 000824218 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-09 13:00 - 2019-12-07 16:43 - 000187320 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-09 13:00 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-09 12:55 - 2021-09-25 23:33 - 000000000 ____D C:\Program Files (x86)\Origin Games
2022-04-09 12:55 - 2021-09-25 23:32 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\Origin
2022-04-09 12:55 - 2021-09-25 23:32 - 000000000 ____D C:\ProgramData\Origin
2022-04-09 12:55 - 2020-11-13 17:53 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\Ubisoft Game Launcher
2022-04-09 12:53 - 2022-02-15 17:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-09 12:53 - 2020-12-28 17:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-09 12:52 - 2022-01-16 16:09 - 000003130 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-04-09 12:52 - 2019-12-07 11:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2022-04-09 12:50 - 2020-02-03 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2022-04-09 11:53 - 2020-06-11 00:30 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-09 11:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-09 11:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-08 14:48 - 2020-09-30 02:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-07 04:54 - 2020-03-29 00:21 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-07 04:53 - 2020-05-11 17:41 - 000000000 ____D C:\Program Files\Microsoft Office
2022-04-03 21:11 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-03 21:09 - 2020-09-09 14:13 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-03 21:08 - 2021-09-09 23:34 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-03 21:08 - 2020-01-28 20:36 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-03 21:08 - 2020-01-28 20:32 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-03 00:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-28 16:50 - 2020-01-30 23:17 - 000000000 ____D C:\Users\PROXIMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iStripper
2022-03-27 07:53 - 2022-01-16 15:28 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\NVIDIA
2022-03-27 00:35 - 2020-12-29 11:42 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-27 00:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-26 23:45 - 2022-01-16 15:27 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-03-25 17:16 - 2020-12-28 17:18 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-03-23 21:13 - 2020-09-30 02:41 - 000601432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-23 21:12 - 2020-09-30 02:41 - 000483664 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:43 - 2021-10-23 00:49 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-03-23 20:43 - 2020-12-28 17:18 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-22 17:52 - 2021-05-17 06:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-22 17:52 - 2021-05-17 06:56 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 00:30 - 2020-01-27 05:44 - 000000000 ____D C:\Users\PROXIMA\AppData\Local\Packages
2022-03-18 00:29 - 2020-12-28 17:13 - 000000000 ____D C:\Users\PROXIMA
2022-03-15 15:43 - 2020-01-28 20:11 - 000000000 ____D C:\Program Files\Common Files\AV
2022-03-15 15:10 - 2020-01-28 19:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2022-03-12 16:34 - 2020-12-28 17:12 - 000437000 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-12 16:32 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2022-03-12 16:32 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-12 16:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-12 16:32 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 17:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 16:58 - 2020-12-28 17:16 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 16:50 - 2020-01-27 05:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-11 16:48 - 2020-01-27 05:54 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-05-15 20:11 - 2021-05-26 19:50 - 000000134 _____ () C:\Users\PROXIMA\AppData\Roaming\CSharpAnalytics-MeasurementQueue
2021-05-15 19:38 - 2021-05-26 19:50 - 000000443 _____ () C:\Users\PROXIMA\AppData\Roaming\CSharpAnalytics-MeasurementSession
2022-02-22 18:35 - 2022-02-22 18:35 - 000007895 _____ () C:\Users\PROXIMA\AppData\Local\recently-used.xbel
2020-06-11 01:49 - 2020-12-21 03:49 - 000007602 _____ () C:\Users\PROXIMA\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-04-2022
Ran by PROXIMA (10-04-2022 13:34:21)
Running from D:\STAHOVÁNÍ
Microsoft Windows 10 Pro Version 21H2 19044.1586 (X64) (2020-12-28 15:18:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2060847573-491222334-2049653053-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2060847573-491222334-2049653053-503 - Limited - Disabled)
Guest (S-1-5-21-2060847573-491222334-2049653053-501 - Limited - Disabled)
PROXIMA (S-1-5-21-2060847573-491222334-2049653053-1001 - Administrator - Enabled) => C:\Users\PROXIMA
WDAGUtilityAccount (S-1-5-21-2060847573-491222334-2049653053-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {1122B19A-E671-38EC-8EAC-87048FD4528D}
AV: Norton 360 (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Norton 360 (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton 360 (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton 360 (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton 360 (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}
FW: Norton 360 (Enabled) {291930BF-AC1E-39B4-A5F3-2E31710715F6}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0917.1 - GIGABYTE) Hidden
@BIOS (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 4.19.0917.1 - GIGABYTE)
64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
7-Zip 21.07 (x64) (HKLM\...\7-Zip) (Version: 21.07 - Igor Pavlov)
Acronis Cyber Protect Home Office (HKLM-x32\...\{E1FEA3C4-5790-465E-ADDD-6FF1E9FDCAB4}) (Version: 26.1.39703 - Acronis) Hidden
Acronis Cyber Protect Home Office (HKLM-x32\...\{E1FEA3C4-5790-465E-ADDD-6FF1E9FDCAB4}Visible) (Version: 26.1.39703 - Acronis)
Acronis Drivers (HKLM\...\{C5293FA2-D7C1-4445-9DC9-3E34349D59AF}) (Version: 26.1.39703 - Acronis) Hidden
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20085 - Adobe)
AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.)
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.7.0.1725 - Advanced Micro Devices, Inc.)
Application Compatibility Toolkit (HKLM\...\{97AA1749-3B8B-55AB-C963-8AEBFB17DB67}) (Version: 10.1.17763.1 - Microsoft) Hidden
Appman Auto Sequencer (HKLM-x32\...\{63475AEF-75DB-C472-9BC9-48CFA944F6C2}) (Version: 10.1.17763.1 - Microsoft) Hidden
Appman Sequencer on amd64 (HKLM\...\{0DAD4350-0168-50CC-7701-7ACAA7F59A6A}) (Version: 10.1.17763.1 - Microsoft) Hidden
ARMOURY CRATE Lite Service (HKLM\...\{EF3944FF-2501-4568-B15C-5701E726719E}) (Version: 5.0.8 - ASUS)
Assessments on Client (HKLM-x32\...\{AB7B2E42-DBB1-3CF3-7EA7-6F96F6731BA9}) (Version: 10.1.17763.1 - Microsoft) Hidden
ASUS AIOFan HAL (HKLM\...\{EAE80DED-1A39-41C5-9F60-87CC947F6454}) (Version: 1.1.43.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AIOFan HAL (HKLM-x32\...\{2e3d34f7-20ec-4a4a-bfb6-2c74633e412d}) (Version: 1.1.43.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{237E1CAC-1708-4940-AC34-DF15C079AB70}) (Version: 1.1.0.13 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{c398adfb-d090-4897-8845-baca53f7ecde}) (Version: 1.1.0.13 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.04.11 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{7a0d5159-cb5e-4f66-91f8-bab46f864f14}) (Version: 0.0.4.3 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.107.69 - ASUSTeK Computer Inc.) Hidden
AURA DRAM Component (HKLM\...\{9AFE5429-866B-457D-A864-80BCF7672EE8}) (Version: 1.1.16 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{41a78792-5489-400c-a567-b78d40b8c878}) (Version: 1.1.16 - ASUS) Hidden
AURA lighting effect add-on (HKLM-x32\...\{1E2EA04B-FCA7-457E-B6F4-F33E1858E859}) (Version: 0.0.21 - ASUS)
AURA lighting effect add-on x64 (HKLM\...\{C5A4A164-4428-4931-B728-96EEF0FA3C44}) (Version: 0.0.21 - ASUS)
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.05.29 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{abff099e-96f5-4bf4-9c6e-6f435f9f6c55}) (Version: 3.05.29 - ASUSTeK Computer Inc.)
Authy Desktop (HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\authy) (Version: 1.8.4 - Twilio Inc.)
AutoHotkey 1.1.33.04 (HKLM\...\AutoHotkey) (Version: 1.1.33.04 - Lexikos)
CCleaner (HKLM\...\CCleaner) (Version: 5.91 - Piriform)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Data Lifeguard Diagnostic version 1.36 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Discord (HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
ENE RGB HAL (HKLM\...\{E050E98C-5524-4AFB-9E53-97700BEF2C02}) (Version: 1.1.39.5 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{09239bb1-d62b-4710-991f-f8cf987be42b}) (Version: 1.1.39.5 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.7 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{aeca6fd4-1d77-499a-b01c-d4521a6b7bff}) (Version: 1.0.9.7 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Futuremark SystemInfo (HKLM-x32\...\{63C33A87-484C-4D23-BAA4-5658DD908D8E}) (Version: 5.45.1044.0 - Futuremark)
Geeks3D FurMark 1.29.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.29.0.0 - Geeks3D)
GIMP 2.10.30 (HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
HD Tune Pro 5.75 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Image Resizer for Windows (64 bit) (HKLM\...\{6026BD89-5CCA-4A47-8012-08FDA0EF935A}) (Version: 3.1.2.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{0903AF19-2041-4EBB-81CB-7A1506EC9868}) (Version: 3.1.2.0 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{e798dcc8-a5a5-424e-9f9a-8148e824ab13}) (Version: 3.1.2.0 - Brice Lambson)
Imaging And Configuration Designer (HKLM-x32\...\{4E1BAC0C-0BF2-4A6B-E837-A368AC6BF20D}) (Version: 10.1.17763.1 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{949093A4-14B4-E19A-CCE8-1FE1D3527EFD}) (Version: 10.1.17763.1 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{A8D1FB0D-D923-75CE-F7CF-5C6C498C2038}) (Version: 10.1.17763.1 - Microsoft) Hidden
KeyDominator2 (HKLM-x32\...\BloodyKeyboard) (Version: 20.01.0002 - Bloody)
Kingston AURA DRAM Component (HKLM\...\{965CDF5F-901C-476F-B3A8-7396701B1129}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{2237a879-7fa4-4e21-ae3b-00f6a649b9d9}) (Version: 1.1.12 - KINGSTON COMPONENTS INC.) Hidden
Kits Configuration Installer (HKLM-x32\...\{B0D8CD97-2DD5-E313-D77D-C737FEC323F3}) (Version: 10.1.17763.1 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15028.20160 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.36 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1227.01 - MSI)
Norton 360 (HKLM-x32\...\NGC) (Version: 22.22.2.10 - Symantec Corporation)
NVIDIA FrameView SDK 1.2.7321.30900954 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.7321.30900954 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.25.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.25.0.84 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 512.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 512.15 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{D295063F-D1BB-4631-A189-B0892705843D}) (Version: 23.5.5019 - O&O Software GmbH)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20050 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15028.20160 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.111.50299 - Electronic Arts, Inc.)
Patriot Viper DRAM RGB (HKLM\...\{1F9C282E-CCB4-4D8E-A5CB-7B74DFCD8C95}) (Version: 1.0.9.2 - Patriot Memory) Hidden
Patriot Viper DRAM RGB (HKLM-x32\...\{fdc098ce-d76c-4e2e-a0a6-01a24e9a1f7d}) (Version: 1.0.9.2 - Patriot Memory)
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.0.6.5 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{387596e5-692e-4baf-bec2-3338d555df7a}) (Version: 1.0.6.5 - Patriot Memory)
PHISON HAL (HKLM\...\{966E33F0-6786-4B38-AA29-C1B3F6C1955D}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
PHISON HAL (HKLM-x32\...\{549da357-1b81-456b-83f2-dcc47c41dfff}) (Version: 1.0.9.0 - PHISON Electronics Corp.) Hidden
REDlauncher (HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.45.416 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games)
ROG Live Service (HKLM-x32\...\{2D87BFB6-C184-4A59-9BBE-3E20CE797631}) (Version: 1.3.10.0 - ASUSTek COMPUTER INC.)
ROG Ryujin (HKLM-x32\...\{5da85431-3e0b-4f6f-a887-99db97a0b618}) (Version: 3.00.05 - ASUSTek Computer Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Toolkit Documentation (HKLM-x32\...\{2610C547-A3EC-2F50-41CB-6A509C16AAE5}) (Version: 10.1.17763.1 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TreeSize Free V4.5.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.5.1 - JAM Software)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 53.0 - Ubisoft)
UEV Tools on amd64 (HKLM\...\{FD70DA2C-E6E3-0E51-0377-FFA3AFC69A96}) (Version: 10.1.17763.1 - Microsoft) Hidden
Universal Holtek RGB DRAM (HKLM\...\{826388E4-E31F-4514-948B-3BB954FB3EAF}) (Version: 1.0.0.2 - PD) Hidden
Universal Holtek RGB DRAM (HKLM-x32\...\{6870588f-9f28-488b-a169-cf548ad6b393}) (Version: 1.0.0.2 - PD)
User State Migration Tool (HKLM-x32\...\{F5044029-8613-6685-8CE1-6D401324614E}) (Version: 10.1.17763.1 - Microsoft) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{e42c5874-37b0-4977-9e8d-70bf006e1f76}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{3dec9467-d9ad-42df-8e84-888057bac8f1}) (Version: 10.1.17763.1 - Microsoft Corporation)
Windows Assessment and Deployment Kit Windows Preinstallation Environment Add-ons - Windows 10 (HKLM-x32\...\{d5163028-7863-4874-9e37-2284427b76fb}) (Version: 10.1.17763.1 - Microsoft Corporation)
WPT Redistributables (HKLM-x32\...\{1D8348E1-F258-06C3-1562-8DC2AEFF9F72}) (Version: 10.1.17763.1 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{7C3818E5-0654-A08A-C701-95B459B78C31}) (Version: 10.1.17763.1 - Microsoft) Hidden

Packages:
=========
ARMOURY CRATE -> C:\Program Files\WindowsApps\B9ECED6F.ArmouryCrate_5.0.11.0_x64__qmba6cd70vzyy [2022-01-16] (ASUSTeK COMPUTER INC.)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.123.0_x64__kzh8wxbdkxb8p [2022-01-16] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-03-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.252.0_x64__dt26b99r8h8gj [2021-08-01] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\tishell64_26_1_39703.dll [2021-10-22] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\tishell64_26_1_39703.dll [2021-10-22] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\tishell64_26_1_39703.dll [2021-10-22] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\tishell64_26_1_39703.dll [2021-10-22] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [Image Resizer] -> {51B4D7E5-7568-4234-B4BB-47FB3C016A69} => C:\Program Files\Image Resizer for Windows\ShellExtensions.dll [2019-12-23] (Open Source Developer, Brice Lambson -> Brice Lambson)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.2.10\NavShExt.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2020-06-11] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.2.10\NavShExt.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2020-06-11] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c0e159863e7afdde\nvshext.dll [2022-03-18] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-12-26] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.22.2.10\buShell.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-28] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.22.2.10\NavShExt.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2020-06-11] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PROXIMA\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2022-01-21 00:49 - 2021-12-10 18:55 - 000093184 _____ () [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\zlibwapi.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000668672 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-12-03 15:36 - 2021-12-03 15:36 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2021-09-25 23:33 - 2021-09-25 23:33 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Origin\libEGL.DLL
2021-09-25 23:33 - 2021-09-25 23:33 - 003090944 _____ () [File not signed] C:\Program Files (x86)\Origin\libGLESv2.dll
2020-02-13 16:53 - 2022-01-28 00:05 - 126964224 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-02-13 16:53 - 2021-11-17 13:38 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-02-13 16:53 - 2021-11-17 13:38 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-03-23 13:00 - 2021-08-01 01:17 - 131129344 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
2021-08-01 12:09 - 2021-08-01 01:17 - 000332288 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libegl.dll
2021-08-01 12:09 - 2021-08-01 01:17 - 005855232 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libglesv2.dll
2020-08-01 14:38 - 2020-08-01 14:38 - 000043520 _____ () [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libUbiCustomEvent.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 006982158 _____ () [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ffmpeg\avcodec-55.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000904718 _____ () [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ffmpeg\avformat-55.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000242190 _____ () [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ffmpeg\avutil-52.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000408590 _____ () [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ffmpeg\swscale-2.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000052836 _____ () [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ffmpeg\zlib1.dll
2020-05-26 18:08 - 2020-05-26 18:08 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2021-12-27 10:04 - 2021-12-27 10:04 - 000047104 _____ (CTI) [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\MsIo32_ENE.dll
2022-01-16 16:41 - 2018-11-15 15:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2022-01-16 16:39 - 2022-01-16 16:39 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.123.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000135168 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\mediaservice\wmfengine.dll
2021-08-01 12:16 - 2021-08-01 12:16 - 000242176 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.252.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2009-09-16 19:44 - 2009-09-16 19:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 12:44 - 2009-09-16 12:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2022-01-16 01:53 - 2021-12-26 16:00 - 000093696 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2009-09-16 19:45 - 2009-09-16 19:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2020-05-11 17:41 - 2020-05-11 17:41 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-05-11 17:41 - 2020-05-11 17:41 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2022-01-16 16:41 - 2018-08-31 08:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2020-01-27 05:44 - 2020-01-27 05:44 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.252.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2020-02-13 16:53 - 2022-01-28 00:05 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2018-03-23 13:00 - 2021-08-01 01:17 - 000952320 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\chrome_elf.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000002560 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icudt58.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 001252864 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Origin\icuuc58.dll
2022-01-21 00:49 - 2021-12-10 18:55 - 003394560 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libcrypto-1_1-x64.dll
2022-01-21 00:49 - 2021-12-10 18:55 - 000679424 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\libssl-1_1-x64.dll
2021-09-25 23:33 - 2021-09-25 23:33 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-09-25 23:33 - 2021-09-25 23:33 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 20:29 - 2018-04-06 20:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 001276928 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\LIBEAY32.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\ssleay32.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qgif.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000032768 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qico.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000256512 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtga.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000305152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2021-09-25 23:33 - 2021-09-25 23:33 - 000278016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\mediaservice\dsengine.dll
2021-09-25 23:33 - 2021-09-25 23:33 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000709120 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Multimedia.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000207360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Positioning.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000310272 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5PrintSupport.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 003513344 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Qml.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 003390976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Quick.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000068096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5QuickWidgets.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000045568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5TextToSpeech.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 054071296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000211456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebEngineWidgets.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000116224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebChannel.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-03-12 16:37 - 2021-09-25 23:33 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000047104 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\audio\qtaudio_windows.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000038400 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\bearer\qgenericbearer.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qgif.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000034816 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qicns.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qico.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000364032 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qjpeg.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qsvg.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qtga.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000331776 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qtiff.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000019456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qwbmp.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\imageformats\qwebp.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 001192960 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\platforms\qwindows.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Concurrent.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 005087232 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Core.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 005353984 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Gui.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000576512 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Multimedia.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 001042944 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Network.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000260096 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Positioning.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000267776 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5PrintSupport.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 003359232 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Qml.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 003181056 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Quick.dll
2021-12-21 17:05 - 2022-01-10 16:33 - 000059904 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5QuickWidgets.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000265728 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Svg.dll
2021-12-21 17:05 - 2022-01-10 16:33 - 059392000 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5WebEngineCore.dll
2021-12-21 17:05 - 2022-01-10 16:33 - 000187904 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5WebEngineWidgets.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5WebChannel.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000125440 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5WebSockets.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 004532224 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Widgets.dll
2020-01-30 23:17 - 2022-01-10 16:33 - 000147456 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\Qt5Xml.dll
2021-12-21 17:05 - 2022-01-10 16:33 - 000122880 _____ (The Qt Company Ltd.) [File not signed] C:\Users\PROXIMA\AppData\Local\vghd\bin\styles\qwindowsvistastyle.dll
2022-01-16 16:41 - 2016-10-04 05:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\01546352.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\10428605.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\01546352.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\10428605.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2060847573-491222334-2049653053-1001\Software\Classes\.scr: DWGTrueViewScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-04-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2060847573-491222334-2049653053-1001\Control Panel\Desktop\\Wallpaper -> D:\OBRÁZKY\BACKGROUNDS\wallhaven-965qzx.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\StartupFolder: => "DesktopVideoPlayer.lnk"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\Run: => "SurfEasy"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2060847573-491222334-2049653053-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B784FE21-701F-4BFB-9F84-E474C3E255F0}] => (Allow) D:\HRY\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{58790B5A-82F4-4201-BE6F-E6F74E01AB60}] => (Allow) D:\HRY\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{8F294AD7-C20F-41D8-BEB6-59FD2AC17F36}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{60EEF22F-3B77-4CAE-A702-625C27C3F97F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File
FirewallRules: [{0C35891E-CC97-4E60-80F6-76821D8425A0}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{903707C3-5A7E-43CF-9C03-F01365A07421}] => (Allow) D:\HRY\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{62959DEE-BA12-4A72-BE16-A216C79F0608}] => (Allow) D:\HRY\steamapps\common\Cyberpunk 2077\REDprelauncher.exe (GOG Sp. z o.o. -> GOG.com)
FirewallRules: [{4A1CB351-EF6A-40E3-B6DE-0FC7A24207A4}] => (Allow) D:\HRY\steamapps\common\LastEvil\LastEvil.exe () [File not signed]
FirewallRules: [{146918A2-FE4C-4937-9EED-AD08A5A87ABA}] => (Allow) D:\HRY\steamapps\common\LastEvil\LastEvil.exe () [File not signed]
FirewallRules: [{1FC6714A-772C-4778-8C7A-3A129EF131F8}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{4211B7C9-D40A-4E38-96A9-ACC0D4589378}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{C41B0838-85DF-4E16-97E5-D50161F907F6}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{91C1E9AA-1630-4A24-8EBF-2F889B90ADEA}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{151244F0-B71F-442A-A391-FA4693447F74}] => (Allow) D:\HRY\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{2094F646-0D1B-4F2A-BA58-F4F9AE9884FC}] => (Allow) D:\HRY\steamapps\common\Far Cry 4\bin\IGE_WPF64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{62A45BD7-60EA-494F-BBA5-F1DD6971E06E}] => (Allow) D:\HRY\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{697BF95A-87E7-418B-8BCF-0D44410B2595}] => (Allow) D:\HRY\steamapps\common\Far Cry 4\bin\FarCry4.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{0F44197A-723C-4A35-901E-5991A71B6EC8}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0EC73DA9-E7C7-4F66-AE90-2BECA2CA660E}] => (Allow) C:\Program Files (x86)\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{916F5D4F-08DB-43F8-A8C0-2CB5B14C44C5}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{CC6FF476-6359-4438-B9F0-FB57F2A13FCF}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{DDB9457E-FF4B-4465-B7AD-99C71205C52C}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{A9D40703-9D66-4536-8917-84CA67DA7852}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\farcry3.exe (Ubisoft Entertainment -> Ubisoft Entertainment)
FirewallRules: [{B0EAB618-0AC8-4466-8225-8D889DC2FC30}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{4ACCE089-B880-4521-9D3F-EF4F16E46394}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{488B3B31-5121-489D-95BD-FD7591BB6B41}] => (Allow) D:\HRY\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{A0ED29B6-9D94-4039-95D9-8998E60D5396}] => (Allow) D:\HRY\steamapps\common\Metro Exodus\MetroExodus.exe (4A Games) [File not signed]
FirewallRules: [{30E15B77-C99A-4432-952D-43FE18849EFE}] => (Allow) D:\HRY\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{BBF8565B-D036-49B9-AB45-EEBF5D867994}] => (Allow) D:\HRY\steamapps\common\Metro Last Light Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{A93D0B15-6938-48EB-A896-3D44E2BFB133}] => (Allow) D:\HRY\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{94E9C275-D01D-4FF0-BB7A-9802E9625825}] => (Allow) D:\HRY\steamapps\common\Metro 2033 Redux\metro.exe (Koch Media GmbH -> 4A Games)
FirewallRules: [{3DF5AB67-5C2E-4CFD-BA1E-FE12C76A3854}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{1C0E9D67-47F9-4DC5-900E-E746D312DFE9}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2ServerLauncher.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{7B189CEB-7B64-47C4-B77D-A1440B0E2FD7}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{806D0DB1-4938-4377-B9CC-5EBCA1D0FD6F}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2BenchmarkTool.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{2F6B4C81-1DEF-45E5-8ADA-C61F5CDA35E2}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2Editor.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{8B873CD6-002E-4401-9B18-DB0E48D62D0F}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FC2Editor.exe (Ubisoft Entertainment) [File not signed]
FirewallRules: [{CB1036EF-F0B5-4DE8-88F5-37030BE26056}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FarCry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{AEA8DE10-6412-4C4E-BE15-B08E4517F91A}] => (Allow) D:\HRY\steamapps\common\Far Cry 2\bin\FarCry2.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{A75691EE-201D-4AAE-AC52-8323AFD1B0D5}] => (Allow) D:\HRY\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C445DD13-E87D-4115-A74B-12A624421575}] => (Allow) D:\HRY\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C3568898-163C-49A3-892D-7C9ABBCB05D8}] => (Allow) D:\HRY\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{860E0A68-A332-4650-9D5D-0C7C8C040D1D}] => (Allow) D:\HRY\steamapps\common\Command and Conquer Red Alert 3\runme.exe () [File not signed]
FirewallRules: [{18C31DC6-2EA1-415E-8E04-B35525AF123B}] => (Allow) D:\HRY\steamapps\common\Command and Conquer 3 - Kane's Wrath\CNC3EP1.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{D47AF13C-2D10-47BF-8C5C-765EE8B278CC}] => (Allow) D:\HRY\steamapps\common\Command and Conquer 3 - Kane's Wrath\CNC3EP1.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{D4D7CF2C-7BC0-41A0-809C-FD4F3B7A571A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (Acronis International GmbH -> )
FirewallRules: [{E9F2A250-033A-4B7C-B6B2-41ED4E02104D}] => (Allow) D:\HRY\steamapps\common\Star Wars Empire at War\runme2.exe (Disney Interactive Studios Inc -> )
FirewallRules: [{6AD2E3D7-000D-497E-829F-4B5F50EE66BD}] => (Allow) D:\HRY\steamapps\common\Star Wars Empire at War\runme2.exe (Disney Interactive Studios Inc -> )
FirewallRules: [{9FA944DC-6CD5-4C83-A3B5-DF91AF5D2692}] => (Allow) D:\HRY\steamapps\common\Star Wars Empire at War\runme.exe (Disney Interactive Studios Inc -> )
FirewallRules: [{DE840D14-2892-45BF-B7C6-D7073EF6796C}] => (Allow) D:\HRY\steamapps\common\Star Wars Empire at War\runme.exe (Disney Interactive Studios Inc -> )
FirewallRules: [{41415005-63DD-4A2D-A9BE-B7B0311CEF61}] => (Allow) D:\HRY\steamapps\common\Quake 3 Arena\quake3.exe () [File not signed]
FirewallRules: [{DF31E89E-CF8F-4C51-9949-82972F69E155}] => (Allow) D:\HRY\steamapps\common\Quake 3 Arena\quake3.exe () [File not signed]
FirewallRules: [{4F88C9BB-1A26-480A-A58A-0D6F2B674EF2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{434EA81D-48F2-49FB-97E1-62FA364C2C6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{81E9C241-D9D0-4542-88A9-2DBBEFFAA844}] => (Allow) D:\HRY\steamapps\common\Cinderella Escape! R12\CinderellaEscape!_R12.exe () [File not signed]
FirewallRules: [{82710235-2331-417D-BC51-63FAA49D6026}] => (Allow) D:\HRY\steamapps\common\Cinderella Escape! R12\CinderellaEscape!_R12.exe () [File not signed]
FirewallRules: [{C9B5DD00-8028-4C1D-A8CC-7C69A3BCA6D0}] => (Allow) C:\Users\PROXIMA\AppData\Local\vghd\bin\vghd.exe (Totem Core Limited) [File not signed]
FirewallRules: [{90243407-4E72-4748-88C5-036CCE40A8BD}] => (Allow) C:\Users\PROXIMA\AppData\Local\vghd\bin\vghd.exe (Totem Core Limited) [File not signed]
FirewallRules: [{E22E0740-9C27-4F25-BFBC-5563391A6899}] => (Allow) D:\HRY\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{51233C75-A6BE-41EF-89FD-25D88E695215}] => (Allow) D:\HRY\steamapps\common\Torchlight II\ModLauncher.exe (Runic Games, Inc. -> Runic Games, Inc.)
FirewallRules: [{27B2A585-63D1-433B-9B31-0C199A13770F}] => (Allow) D:\HRY\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{26CDAF47-8EFD-48EE-99BF-5EF7F204C302}] => (Allow) D:\HRY\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [UDP Query User{4375D644-7889-4999-914D-95C9D30107FB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{CEEBEABA-B53C-4FE6-8A36-7666E08D232A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{719B9DD9-EBC7-4576-AE1F-E800D5EFA0E8}] => (Allow) D:\HRY\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software)
FirewallRules: [{17AA2BF1-BE96-41A0-8477-72F5F8F0C307}] => (Allow) D:\HRY\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe (Take-Two Interactive Software, Inc. -> Gearbox Software)
FirewallRules: [{51910EBB-08FA-4478-8DBB-96E123464130}] => (Allow) D:\HRY\steamapps\common\Star Trek Online\Star Trek Online.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{FD31F164-015B-47E0-9A21-8E2417BCE774}] => (Allow) D:\HRY\steamapps\common\Star Trek Online\Star Trek Online.exe (CRYPTIC STUDIOS, INC -> )
FirewallRules: [{6F51060A-B286-4AD3-A215-59880613CDB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{74934010-C151-4D6A-B0A8-0311964D660B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8871A495-E9A5-47E2-8C97-F928723CF8DF}] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [{18DB614F-0F6C-4436-BB95-23F489B6A696}] => (Block) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [UDP Query User{DC771EBE-AB50-4652-A965-22157807F4CD}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [TCP Query User{A6978883-5BEE-4DDC-A206-15CD0E9DD984}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
FirewallRules: [{0528BF92-05EC-4343-9707-1494AEB63DD4}] => (Allow) D:\HRY\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{DAD0B92F-E400-41EF-9C95-743193D4ABE0}] => (Allow) D:\HRY\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{6119D93F-9075-4B95-BD8A-210AC9F77178}] => (Allow) D:\HRY\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{702E434C-84DC-4D01-B1FE-845F8BCA20D7}] => (Allow) D:\HRY\steamapps\common\BorderlandsGOTYEnhanced\Binaries\Win64\Launcher.exe (Gearbox Software) [File not signed]
FirewallRules: [{9C946168-E388-443B-8428-5CE7E50CA255}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{157299C5-0231-40A8-8F40-5E01C6AB209D}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\FarCry5.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{7C7E6AB4-977A-4213-A920-CA4089667966}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{65C6065B-2736-4384-8A6F-B030F86C8DCB}] => (Allow) D:\HRY\steamapps\common\FarCry5\bin\ArcadeEditor64.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{3C594074-EDFF-4423-A278-F877C1CA0218}] => (Allow) D:\HRY\steamapps\common\She Will Punish Them\She Will Punish Them.exe () [File not signed]
FirewallRules: [{35536CA6-93D6-412F-A4FD-09A52DCBBA42}] => (Allow) D:\HRY\steamapps\common\She Will Punish Them\She Will Punish Them.exe () [File not signed]
FirewallRules: [{C8F800AC-39F3-41EE-9100-C0E27B33BB83}] => (Allow) D:\HRY\steamapps\common\Naval Action\Client.exe () [File not signed]
FirewallRules: [{76700009-64E5-4067-B9E0-C7C9BE16D4B1}] => (Allow) D:\HRY\steamapps\common\Naval Action\Client.exe () [File not signed]
FirewallRules: [{01EDE943-BA62-49AC-968D-F6F69B00937D}] => (Allow) D:\HRY\steamapps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{393411BC-F844-45E2-9092-A58B7446BC1F}] => (Allow) D:\HRY\steamapps\common\Naval Action\NavalActionCrashSender.exe (Game Labs, Inc. -> )
FirewallRules: [{24B364F7-3D0E-4A23-A996-7CC2E716AC3F}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{BE4C8F11-00C2-45E4-889B-E9EC10B86A22}] => (Allow) D:\HRY\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft)
FirewallRules: [{849E7A2D-CF0A-459D-B641-77BB32DE329A}] => (Allow) D:\HRY\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution LTD -> OpenTTD Development Team)
FirewallRules: [{AAB8A78C-0B1F-4BF7-9E74-D00AAFBA03DC}] => (Allow) D:\HRY\steamapps\common\OpenTTD\openttd.exe (OpenTTD Distribution LTD -> OpenTTD Development Team)
FirewallRules: [{7140E622-BF05-424F-A7B7-7EDF5E67AB4F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis International GmbH -> )
FirewallRules: [{F2D80B9F-5FCF-4EF5-A333-09D3923D5E19}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{AD231456-18F5-498D-85AD-C79DE93CC958}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\CyberProtectHomeOffice.exe (Acronis International GmbH -> )
FirewallRules: [{86EEF5F9-59A7-4E11-8E07-AD4E85A8F091}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\CyberProtectHomeOfficeMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{A1F198A9-76B1-42C0-BCE0-45979C375133}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\CyberProtectHomeOfficeTools.exe (Acronis International GmbH -> )
FirewallRules: [{D0B00939-1C32-4278-A2AF-DB1E86F7C5B2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\CyberProtectHomeOffice\CyberProtectHomeOfficeService.exe (Acronis International GmbH -> )
FirewallRules: [{B3D6A000-4675-40D7-90CD-018BA450F317}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{19F568FC-95BC-445B-9DAD-7F76CB203604}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{5E0C90E7-CCA5-4BF6-9027-0C19F6EF5A82}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\acronis_drive.exe (Acronis International GmbH -> )
FirewallRules: [{44AF784D-9E2D-4892-A655-06CFA0ECA25D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{4CF82429-BCBF-4152-A8D0-53CB922FEDBB}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\mobile_backup_status_server.exe (Acronis International GmbH -> )
FirewallRules: [{A617C266-AA25-483E-9F5D-BA7876AED69C}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{2395C823-0877-44C0-ACB2-3A7CA6911837}] => (Allow) C:\Program Files (x86)\Acronis\CyberProtectHomeOffice\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{143D187F-B65B-4EEF-96A7-CE88A657CF05}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{EFCA75C9-873A-4FA5-879C-65144555FC3A}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{0C95293D-8859-45CC-902D-BDE925129677}] => (Allow) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{668B9E8D-0E79-4B67-A620-7FC73571791A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4ECB65AC-3753-42A0-ABA7-4D670632CDEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{22310D04-1BD7-458E-A488-77E9E8082F07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B752E2E7-2F30-49D4-8286-7F848E82645A}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{BF8B9150-614D-4776-9D14-CB75EE88031D}] => (Allow) C:\Program Files (x86)\ASUS\ROG Live Service\ROGLiveService.exe (ASUSTeK COMPUTER INC. -> ASUSTek COMPUTER INC.)
FirewallRules: [{7B5CA7B9-4E23-4C83-B5B6-21C3412FC6B5}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmourySocketServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{8DB2492D-C9DA-4EA4-B309-626385BC972D}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ArmourySocketServer\ArmouryHtmlDebugServer.exe (ASUSTeK Computer Inc. -> ASUS)
FirewallRules: [{13CFF836-93ED-49CD-B9F2-07AD25A432EC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File
FirewallRules: [{AF0F3A20-DE32-4F46-A0E7-772CCBCCEA6E}] => (Allow) D:\HRY\steamapps\common\Bedroom Blackjack\Bedroom Blackjack\Bedroom Blackjack.exe () [File not signed]
FirewallRules: [{C82E8AED-B4DE-4865-8450-DA2F75AB84B4}] => (Allow) D:\HRY\steamapps\common\Bedroom Blackjack\Bedroom Blackjack\Bedroom Blackjack.exe () [File not signed]
FirewallRules: [{0E1DCD8A-82BD-4F5B-B0CF-57D87FAC1499}] => (Allow) D:\HRY\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{75A04994-29CB-43B5-A825-8018F0364364}] => (Allow) D:\HRY\steamapps\common\Far Cry New Dawn\bin\FarCryNewDawn.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{8471746B-FF4D-4810-B968-04A47D5C7496}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{CA995243-BD7E-44C8-BE51-84A475856111}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{D69904E0-8BE2-45FC-B9D5-9D0165E505A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{597069C1-B701-4606-A434-5FD8DE9B0101}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{8D96A1E7-0DAA-4106-8A39-159A6094970A}] => (Allow) D:\HRY\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [File not signed]
FirewallRules: [{FF47E219-4105-4C37-A165-99189437B95E}] => (Allow) D:\HRY\steamapps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe () [File not signed]
FirewallRules: [{FA87B405-A051-40CA-BC0B-FD36515304ED}] => (Allow) D:\HRY\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{7F02FE15-55E6-4D60-AFBF-CAB01F60F1F3}] => (Allow) D:\HRY\steamapps\common\Grand Theft Auto IV\GTAIV\PlayGTAIV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D0272A6E-8885-4C6E-96CD-B1134A0746F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{61A79B85-6946-4005-89BB-BBBF49C18AAA}] => (Allow) D:\HRY\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{3F7CF548-987A-4115-8E55-3C40E02A9D92}] => (Allow) D:\HRY\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{E5F44B89-E382-47CB-B51C-C508CEF3D333}] => (Allow) D:\HRY\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{12928AC8-71B7-444A-9FF2-8F5DAC2F770E}] => (Allow) D:\HRY\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{27E8171C-6978-4E31-B6CA-B3CAEE9908DA}] => (Allow) LPort=32682
FirewallRules: [{3A020870-4E8C-4716-889A-EEA16DCAF076}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.36\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:952.79 GB) (Free:773.42 GB) (81%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2022 01:24:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcPowerNotification.exe, verze: 1.0.3.5, časové razítko: 0xf18935db
Název chybujícího modulu: clr.dll, verze: 4.8.4470.0, časové razítko: 0x61b731cd
Kód výjimky: 0xc00000fd
Posun chyby: 0x004d556a
ID chybujícího procesu: 0x2b18
Čas spuštění chybující aplikace: 0x01d84c000c397c00
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AcPowerNotification\AcPowerNotification.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: b965c67a-755f-4a80-b4cb-a5afc118ff1b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/10/2022 12:10:56 AM) (Source: Acronis Scheduler) (EventID: 1) (User: PROXIMA)
Description: Scheduler failed to run task with GUID '35CD6FD7-EB08-40BF-9D7B-33B0535CBF1B' because of error 3 (Systém nemůže nalézt uvedenou cestu).

Error: (04/09/2022 12:52:29 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/09/2022 12:52:29 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/09/2022 12:42:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.1290, časové razítko: 0x622f1bce
Název chybujícího modulu: Qt5Core.dll, verze: 5.15.8.0, časové razítko: 0x620c5b61
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000002abf8
ID chybujícího procesu: 0x6de0
Čas spuštění chybující aplikace: 0x01d84bfe8b61d3b6
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: aa045449-1ab4-42ec-a6bf-3c747ca53f7d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/09/2022 12:42:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 4.0.0.1290, časové razítko: 0x622f1bce
Název chybujícího modulu: Qt5Core.dll, verze: 5.15.8.0, časové razítko: 0x620c5b61
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000005000
ID chybujícího procesu: 0x6de0
Čas spuštění chybující aplikace: 0x01d84bfe8b61d3b6
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 06c723e1-315d-4113-ad46-000e47684b2a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/08/2022 11:00:25 PM) (Source: Acronis Scheduler) (EventID: 1) (User: PROXIMA)
Description: Scheduler failed to run task with GUID '35CD6FD7-EB08-40BF-9D7B-33B0535CBF1B' because of error 3 (Systém nemůže nalézt uvedenou cestu).

Error: (04/08/2022 10:59:00 PM) (Source: Acronis Scheduler) (EventID: 1) (User: PROXIMA)
Description: Scheduler failed to run task with GUID '1A7779C8-8294-4740-8160-E7D888EB3738' because of error 3 (Systém nemůže nalézt uvedenou cestu).


System errors:
=============
Error: (04/09/2022 12:47:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ASUS Com Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/04/2022 04:29:02 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (03/27/2022 12:37:42 AM) (Source: DCOM) (EventID: 10000) (User: PROXIMA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/27/2022 12:35:27 AM) (Source: DCOM) (EventID: 10000) (User: PROXIMA)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/26/2022 11:45:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/26/2022 11:45:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (03/17/2022 03:26:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:22:52, ‎17.‎03.‎2022) bylo neočekávané.

Error: (03/17/2022 12:23:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===============
Date: 2022-04-10 12:48:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume2\Program Files\Norton Security\Engine\22.22.2.10\symamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F30 09/15/2020
Motherboard: Gigabyte Technology Co., Ltd. X570 AORUS PRO
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 22%
Total physical RAM: 65481.91 MB
Available physical RAM: 51074.65 MB
Total Virtual: 75209.91 MB
Available Virtual: 55862.12 MB

==================== Drives ================================

Drive c: (01 - SYSTEM) (Fixed) (Total:952.79 GB) (Free:773.42 GB) NTFS
Drive d: (02 - DATA) (Fixed) (Total:3726.01 GB) (Free:1682.52 GB) NTFS
Drive e: (03 - ZÁLOHA) (Fixed) (Total:1863.01 GB) (Free:1494.8 GB) NTFS
Drive f: (04 - ZÁLOHA) (Fixed) (Total:13038.98 GB) (Free:664.87 GB) NTFS
Drive g: (05 - ACRONI) (Removable) (Total:7.31 GB) (Free:6.73 GB) FAT32

\\?\Volume{e94febca-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS
\\?\Volume{e94febca-0000-0000-0000-d056ee000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 13039 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: EA22F96F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: E94FEBCA)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=952.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=524 MB) - (Type=27)

==========================================================
Disk: 3 (Protective MBR) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 5 (MBR Code: Windows 7/8/10) (Size: 7.3 GB) (Disk ID: 7D307545)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0C)

==================== End of Addition.txt =======================

Re: Malwarebytes suspicious activity

Posted: 10 Apr 2022 13:44
by Rudy
Greetings!
Those updates may be genuine. Check the IP addresses in question here: https://www.whois.com/whois/ and if they belong to whoever they claim to be, you can allow them. Otherwise, run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Malwarebytes suspicious activity

Posted: 10 Apr 2022 15:17
by EI3ki
Greetings,
I checked the IP addresses; the one that shows up most is probably https://www.whois.com/whois/45.154.255.147, which is some Onion Networks Ltd,
but occasionally I also found addresses originating from the Russian Federation:
https://www.whois.com/whois/45.155.205.41
https://www.whois.com/whois/141.105.67.7
It seems odd to me that a blocked site associated with Steam or with an ASUS program originates from some Onion Networks or from Russia.
I'll try the adware cleaner.

Re: Malwarebytes suspicious activity

Posted: 10 Apr 2022 18:49
by Rudy
I wouldn't trust them much; the addresses are in locations that should have nothing to do with the updates in question. Now I would like to ask for the MBAM log.

Re: Malwarebytes suspicious activity

Posted: 10 Apr 2022 23:01
by EI3ki
Adware cleaner found nothing dangerous:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-10-2022
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [10/04/2022 23:58:52]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Malwarebytes suspicious activity

Posted: 11 Apr 2022 09:16
by Rudy
This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe (No File)
Task: {4CEE3B05-E3E5-40C1-8BA1-006FA23157A4} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (No File)
Task: {AF7EB1E4-C049-4A73-93C0-0072C994BFB1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {B7CFFF60-2A36-4F1F-B7EF-A2E6983772B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Task: {F337B9C8-FF4B-4364-A34B-8F59ED9A14B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
FirewallRules: [{60EEF22F-3B77-4CAE-A702-625C27C3F97F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File
FirewallRules: [{13CFF836-93ED-49CD-B9F2-07AD25A432EC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File

EmptyTemp:
End

Save it to D:\STAHOVÁNÍ as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Malwarebytes suspicious activity

Posted: 13 Apr 2022 19:45
by EI3ki
It took me a while to get back to the forum. After restarting the PC, Malwarebytes blocked my access to the forum.
Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-04-2022 03
Ran by PROXIMA (12-04-2022 00:06:10) Run:1
Running from D:\STAHOVÁNÍ
Loaded Profiles: PROXIMA
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe (No File)
Task: {4CEE3B05-E3E5-40C1-8BA1-006FA23157A4} - System32\Tasks\ASUS\ArmouryAIOFanServer => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\AIOFanSDK\ArmouryAIOFanServer.exe (No File)
Task: {AF7EB1E4-C049-4A73-93C0-0072C994BFB1} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (No File)
Task: {B7CFFF60-2A36-4F1F-B7EF-A2E6983772B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Task: {F337B9C8-FF4B-4364-A34B-8F59ED9A14B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-29] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.22.2.10\coIEPlg.dll [2022-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
FirewallRules: [{60EEF22F-3B77-4CAE-A702-625C27C3F97F}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File
FirewallRules: [{13CFF836-93ED-49CD-B9F2-07AD25A432EC}] => (Allow) C:\Program Files (x86)\ASUS\ArmouryDevice\asus_framework.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\OODefragTray" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CEE3B05-E3E5-40C1-8BA1-006FA23157A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CEE3B05-E3E5-40C1-8BA1-006FA23157A4}" => removed successfully
Could not move "C:\WINDOWS\System32\Tasks\ASUS\ArmouryAIOFanServer" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\ArmouryAIOFanServer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF7EB1E4-C049-4A73-93C0-0072C994BFB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7EB1E4-C049-4A73-93C0-0072C994BFB1}" => removed successfully
Could not move "C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS\P508PowerAgent_sdk" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7CFFF60-2A36-4F1F-B7EF-A2E6983772B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7CFFF60-2A36-4F1F-B7EF-A2E6983772B1}" => removed successfully
Could not move "C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F337B9C8-FF4B-4364-A34B-8F59ED9A14B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F337B9C8-FF4B-4364-A34B-8F59ED9A14B1}" => removed successfully
Could not move "C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{60EEF22F-3B77-4CAE-A702-625C27C3F97F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13CFF836-93ED-49CD-B9F2-07AD25A432EC}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31720327 B
Java, Flash, Steam htmlcache => 582334880 B
Windows/system/drivers => 2724305 B
Edge => 0 B
Chrome => 836013772 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 74794 B
NetworkService => 74794 B
PROXIMA => 97249137 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 12-04-2022 00:08:07)

C:\WINDOWS\System32\Tasks\ASUS\ArmouryAIOFanServer => Is moved successfully
C:\WINDOWS\System32\Tasks\ASUS\P508PowerAgent_sdk => Is moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => Is moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => Is moved successfully

Result of scheduled keys to remove after reboot:

HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.
HKLM\Software\Wow6432Node\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => could not remove. Access Denied.

==== End of Fixlog 00:08:07 ====

Re: Malwarebytes suspicious activity

Posted: 13 Apr 2022 19:58
by Rudy
It has been deleted. I recommend turning MBAM off and using it only as a scanner. You still have Norton on the PC.

Re: Malwarebytes suspicious activity

Posted: 16 Apr 2022 19:23
by EI3ki
All right, so the PC is fine then. Thank you for the help, and have a nice Easter :)

Re: Malwarebytes suspicious activity

Posted: 16 Apr 2022 19:59
by Rudy
You're welcome, and happy holidays to you too! :-)