Rád bych poprosil o kontrolu logů:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2023
Ran by kvask (administrator) on WARMACHINE (08-07-2023 20:35:40)
Running from C:\Users\kvask\Downloads\FRST64.exe
Loaded Profiles: kvask
Platform: Microsoft Windows 11 Pro Version 22H2 22621.1848 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <3>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe <7>
(cmd.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(D:\Games\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] D:\Games\Riot Games\Riot Client\RiotClientCrashHandler.exe
(DriverStore\FileRepository\u0392410.inf_amd64_db8e7eec2f31b31d\B392251\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392410.inf_amd64_db8e7eec2f31b31d\B392251\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\AMD\ANR\AMDNoiseSuppression.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) D:\Games\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIY1E.EXE
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPDU.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0392410.inf_amd64_db8e7eec2f31b31d\B392251\atiesrxx.exe
(services.exe ->) (A-Volute -> Nahimic) C:\Windows\System32\AWHeadsetService.exe
(services.exe ->) (CORP\jserup.ext -> Jabra) [File not signed] C:\Program Files\Alienware\AWHeadsetCenter\AW988HWControl\MainController\MainControllerService.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
(services.exe ->) (Intel(R) INTELND1820 -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2325.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
(svchost.exe ->) (A-Volute -> Nahimic) C:\Windows\System32\AWHeadsetSvc64.exe
(svchost.exe ->) (A-Volute -> Nahimic) C:\Windows\SysWOW64\AWHeadsetSvc32.exe
(svchost.exe ->) (F005DA31-7CE1-4D3E-ABEE-08A4AFF4F592 -> Dell Technologies) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2\AWCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4371816 2023-06-22] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [37027792 2023-06-28] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3542032 2022-11-07] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [155544 2022-08-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [RiotClient] => D:\Games\Riot Games\Riot Client\RiotClientServices.exe [70738344 2023-07-01] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIY1E.EXE [485976 2020-09-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON L1210 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBY1E.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.Exe: [VerifierDlls] SppExtComObjHook.dll
BootExecute: autocheck autochk /m /P \Device\HarddiskVolume8autocheck autochk *
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {CA0C01BF-83D5-4747-8EC6-C0A0A223764B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {AD0352BE-7ABB-4B56-ABF5-66A9B7FC7EB8} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {AA30CD1C-4078-4679-8554-BD840A69A90A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {92B5929D-49F5-40C0-B24B-2CD40896E3D1} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183736 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {EFFDCE56-0919-43D1-8468-6C492F63BE9E} - System32\Tasks\AWCC\Update => C:\Program Files (x86)\InstallShield Installation Information\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}\Update\IMSilentUpdate.exe [19888 2023-04-07] (Dell Inc -> )
Task: {1F1DC2D8-C9E2-4581-8F72-2B5156D8D4A7} - System32\Tasks\AWHeadsetSvc32Run => C:\Windows\SysWOW64\AWHeadsetSvc32.exe [795648 2020-05-15] (A-Volute -> Nahimic)
Task: {E6EFE124-D127-4C0E-809E-15649AF5C840} - System32\Tasks\AWHeadsetSvc64Run => C:\Windows\System32\AWHeadsetSvc64.exe [1068536 2020-05-15] (A-Volute -> Nahimic)
Task: {FDAA5321-2DC7-4634-A18D-DAA5E4DBDECC} - System32\Tasks\AWHeadsetTask32 => C:\WINDOWS\System32\..\SysWOW64\AWHeadsetSvc32.exe [795648 ] (A-Volute -> Nahimic)
Task: {65390C6A-5DA6-4E39-ACD5-0649D0606D71} - System32\Tasks\AWHeadsetTask64 => C:\WINDOWS\System32\.\AWHeadsetSvc64.exe [1068536 ] (A-Volute -> Nahimic)
Task: {26D65BC6-C5B7-4544-85D8-8DCEB406B7D5} - System32\Tasks\EPSON L1210 Series Update {A77A9350-BADD-4D9E-9801-B739B3C59009} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSY1E.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {035CCE93-3D3C-4F9F-B7F3-7FE08A5FC1F8} - System32\Tasks\GoogleUpdateTaskMachineCore{FE65FB47-39AF-49AF-A8C4-A312FC745FA7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-21] (Google LLC -> Google LLC)
Task: {639F9AD9-9465-4161-8656-3CB6B1ED6263} - System32\Tasks\GoogleUpdateTaskMachineUA{7DF1299A-21C4-4864-A890-FDF5F84BEEC1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-21] (Google LLC -> Google LLC)
Task: {C87411BC-6B57-4CDF-932D-F23E02A173F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864920 2023-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {33325DF8-3512-4156-85E1-AAF16577F568} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864920 2023-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C507DF7-CB65-4EF2-81D2-2532E1B6694B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141248 2023-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {02E194FE-F950-4C0A-9304-117726B404E9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141248 2023-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {2C8E3668-ABF4-498F-ACE0-75372257028B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BB3EFCB-2E57-4AC0-A720-EDB802B7A9E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7D41A74D-480B-40D4-BA89-BBECCF5FE845} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22231A9F-6C32-44AA-84F5-5A4646AF1E96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {577374F2-B214-4939-AE5A-D0DF3163F660} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1024440 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {75CF7FCD-877B-4531-BCB7-5A3EC4C6A032} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7D31002-C82D-4DB9-9044-659566A4CEB6} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-492486965-1052166103-1122767365-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4125576 2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5D9B43D-D9BC-4C10-8D72-EF059B781DD8} - System32\Tasks\StartAUEP => C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe [710584 2023-05-23] (Advanced Micro Devices Inc. -> AMD)
Task: {5EB74C52-FCE8-4935-A4CE-E00FD753452F} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe [59832 2023-05-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON L1210 Series Update {A77A9350-BADD-4D9E-9801-B739B3C59009}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSY1E.EXE:/EXE:{A77A9350-BADD-4D9E-9801-B739B3C59009} /F:UpdateWORKGROUP\WARMACHINE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 91.221.212.18 8.8.8.8
Tcpip\..\Interfaces\{bfb62ba8-09e4-4d19-a0df-5173a861ee8c}: [DhcpNameServer] 91.221.212.18 8.8.8.8
Edge:
=======
Edge Profile: C:\Users\kvask\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-03]
Edge Extension: (Edge relevant text changes) - C:\Users\kvask\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-24]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-06-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default [2023-07-08]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.trotux.com ... 90&type=hp"
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-07-02]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2023-05-14]
CHR Extension: (Google Docs Offline) - C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-23]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-06-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\kvask\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-21]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AAErrorPort; C:\Users\kvask\AppData\Local\Temp\ActiveAnticheat\aaerrport.exe [226992 2023-07-07] (Private trade unitary enterprise LST -> Active Anticheat) <==== ATTENTION
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 AntiCheatExpert Service; C:\Program Files\AntiCheatExpert\SGuard\x64\SGuardSvc64.exe [2688544 2022-08-21] (PUBG CORPORATION -> )
R2 AUEPLauncher; C:\Program Files\AMD\CIM\..\Performance Profile Client\AUEPDU.exe [509880 ] (Advanced Micro Devices Inc. -> AMD)
R2 AW988 Service; C:\Program Files\Alienware\AWHeadsetCenter\AW988HWControl\MainController\MainControllerService.exe [7616 2020-05-15] (CORP\jserup.ext -> Jabra) [File not signed]
R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [20904 2023-06-14] (Dell Inc -> Dell Technologies)
R2 AWHeadsetService; C:\WINDOWS\System32\AWHeadsetService.exe [1310712 2020-05-15] (A-Volute -> Nahimic)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9880840 2022-12-22] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9200592 2023-05-29] (Microsoft Corporation -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [47320 2022-11-18] (Dell Inc -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1135648 2023-06-12] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2022-03-03] (Epic Games Inc. -> Epic Games, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncHelper.exe [3447176 2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.127.0618.0001\OneDriveUpdaterService.exe [3783048 2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [254224 2021-11-16] (Razer USA Ltd. -> Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [537912 2022-10-24] (Razer USA Ltd. -> Razer Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336144 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\347092d3ef610c635a2d70752b622a3474a15881\smrtsvc64.exe [13988696 2023-07-07] (Eikonect Software SL -> )
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20713784 2023-06-27] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5950504 2022-11-17] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [10334280 2022-11-17] (PUBG CORPORATION -> KRAFTON, Inc)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACE-BASE; C:\Windows\system32\drivers\ACE-BASE.sys [2189952 2022-08-25] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
S3 ACE-GAME; C:\Windows\system32\drivers\ACE-GAME.sys [917616 2022-08-25] (PUBG CORPORATION -> ANTICHEATEXPERT.COM)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2023-05-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0392410.inf_amd64_db8e7eec2f31b31d\B392251\amdkmdag.sys [100296080 2023-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2336008 2023-03-27] (Activision Publishing Inc -> Activision Blizzard, Inc.)
S3 atvi-randgrid_sr; D:\SteamLibrary\steamapps\common\Call of Duty HQ\randgrid.sys [2986792 2023-06-15] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R3 AWCCDriver; C:\WINDOWS\System32\drivers\AWCCDriver.sys [42448 2022-08-22] (IndiLogic LLC -> Dell Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 MpKsl502b673b; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [228632 2022-11-07] (Microsoft Windows -> Microsoft Corporation)
R2 NPF; C:\Program Files (x86)\iVMS-4200 Site\Drivers\npf64.sys [36600 2023-03-31] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 PRProt; C:\Users\kvask\AppData\Local\Temp\ActiveAnticheat\1223564\active64.sys [6362680 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> ) <==== ATTENTION
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0083; C:\WINDOWS\System32\drivers\RzDev_0083.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 smrtkrnl64; C:\WINDOWS\System32\Drivers\smrtkrnl64.sys [5606784 2023-07-07] (Eikonect Software SL -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [1445920 2022-11-17] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
S3 wtbt; \??\d:\steamlibrary\steamapps\common\super people\engine\binaries\thirdparty\wondertrust\wtdrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-07-08 20:35 - 2023-07-08 20:36 - 000026180 _____ C:\Users\kvask\Downloads\FRST.txt
2023-07-08 20:35 - 2023-07-08 20:35 - 000000000 ____D C:\FRST
2023-07-08 20:33 - 2023-07-08 20:34 - 002383872 _____ (Farbar) C:\Users\kvask\Downloads\FRST64.exe
2023-07-08 20:32 - 2023-07-08 20:32 - 006573192 _____ (Avira Operations GmbH) C:\Users\kvask\Downloads\avira_en_sptl1_1029007760-1688841148__ws-spotlightbrowsernew-control.exe
2023-07-08 19:31 - 2023-07-08 19:34 - 1509364765 _____ C:\Users\kvask\Downloads\Gotham 1080p CZ titulky S03E21-E22 - Volání osudu, Těžkášpinaváduše.mkv
2023-07-08 19:01 - 2023-07-08 19:24 - 419409920 _____ C:\Users\kvask\Downloads\Gotham S03E20 - CZ TIT..avi
2023-07-08 03:11 - 2023-07-08 03:11 - 000729994 _____ C:\WINDOWS\system32\perfh005.dat
2023-07-08 03:11 - 2023-07-08 03:11 - 000155090 _____ C:\WINDOWS\system32\perfc005.dat
2023-07-08 01:20 - 2020-11-19 03:38 - 093296288 _____ C:\Users\kvask\Downloads\Rafael Interface.rar
2023-07-07 23:59 - 2023-07-07 23:59 - 005606784 ____N C:\WINDOWS\system32\Drivers\smrtkrnl64.sys
2023-07-07 23:42 - 2023-07-07 23:42 - 000000000 ____D C:\ProgramData\SmartGuard
2023-07-07 23:09 - 2023-07-07 23:09 - 000000000 ____D C:\Users\kvask\AppData\Local\UpNova.ru
2023-07-07 05:14 - 2023-07-07 05:37 - 419424256 _____ C:\Users\kvask\Downloads\Gotham S03E19 - CZ TIT..avi
2023-07-06 19:56 - 2023-07-06 19:56 - 000053792 _____ C:\Users\kvask\Downloads\Vyplatni_listek_-_05_2023.pdf
2023-07-06 19:56 - 2023-07-06 19:56 - 000053772 _____ C:\Users\kvask\Downloads\Vyplatni_listek_-_04_2023.pdf
2023-07-06 19:23 - 2023-07-06 19:28 - 000000000 ____D C:\Users\kvask\Downloads\Crysis_3_Remastered-FLT
2023-07-06 03:31 - 2023-07-07 02:00 - 000001006 _____ C:\Users\Public\Desktop\Heroes of Might and Magic 4 Complete.lnk
2023-07-06 03:31 - 2023-07-06 03:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic 4 Complete [GOG.com]
2023-07-06 03:29 - 2023-07-06 03:30 - 000000000 ____D C:\Users\kvask\Downloads\Heroes.of.Might.and.Magic.4.Complete.v2.0.0.12.GOG
2023-07-06 03:15 - 2023-07-06 03:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-07-06 03:15 - 2023-07-06 03:15 - 000000000 ____D C:\Program Files\qBittorrent
2023-07-03 17:12 - 2023-07-06 02:20 - 000000941 _____ C:\WINDOWS\Tasks\EPSON L1210 Series Update {A77A9350-BADD-4D9E-9801-B739B3C59009}.job
2023-07-03 17:12 - 2023-07-03 17:12 - 000004136 _____ C:\WINDOWS\system32\Tasks\EPSON L1210 Series Update {A77A9350-BADD-4D9E-9801-B739B3C59009}
2023-07-03 17:12 - 2023-07-03 17:12 - 000000000 ____D C:\Program Files\Common Files\EPSON
2023-07-03 17:11 - 2023-07-03 18:12 - 000000000 ____D C:\ProgramData\EPSON
2023-07-03 14:09 - 2023-07-03 14:09 - 000047354 _____ C:\Users\kvask\Downloads\Výsledovka.pdf
2023-07-03 14:08 - 2023-07-03 14:08 - 000048066 _____ C:\Users\kvask\Downloads\Výsledovka-2.pdf
2023-07-02 14:25 - 2023-07-02 14:29 - 058352138 _____ C:\Users\kvask\Downloads\06.Clefairy a Měsíční kámen.mkv
2023-07-01 14:23 - 2023-07-01 14:30 - 140793976 _____ C:\Users\kvask\Downloads\Pokémon 001 - Pokémone, volím si tebe!.mp4
2023-07-01 14:17 - 2023-07-01 14:23 - 141108850 _____ C:\Users\kvask\Downloads\Pokémon 002 - Nemocnice pro pokémony.mp4
2023-07-01 14:10 - 2023-07-01 14:17 - 132749598 _____ C:\Users\kvask\Downloads\Pokémon 004 - Souboj se Samurajem.mp4
2023-07-01 14:04 - 2023-07-01 14:10 - 135767310 _____ C:\Users\kvask\Downloads\Pokémon 005 - Zápas v Cínovém městě.mp4
2023-07-01 13:45 - 2023-07-01 13:45 - 073929150 _____ C:\Users\kvask\Downloads\Pokémon 006 - Clefairy And The Moon Stone.mp4
2023-07-01 13:43 - 2023-07-01 13:43 - 058839898 _____ C:\Users\kvask\Downloads\Pokémon 003 - První chycený Pokémon.mp4
2023-06-27 23:04 - 2023-06-27 23:04 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Valve Corporation
2023-06-20 07:59 - 2023-06-29 23:07 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Game
2023-06-20 07:40 - 2023-06-20 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2023-06-18 17:19 - 2023-06-18 18:18 - 1125266645 _____ C:\Users\kvask\Downloads\Why.Women.Kill.S01E01.720p.WEB.x264-LiGATE.mkv
2023-06-18 15:06 - 2023-06-18 15:06 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2023-06-15 00:52 - 2023-06-15 00:52 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Albion
2023-06-14 21:33 - 2023-06-14 21:33 - 000046504 _____ (Alienware) C:\WINDOWS\system32\LightFX.dll
2023-06-14 21:33 - 2023-06-14 21:33 - 000040368 _____ C:\WINDOWS\SysWOW64\LightFX.dll
2023-06-14 06:59 - 2023-06-14 06:59 - 000000000 ___HD C:\$WinREAgent
2023-06-13 23:49 - 2023-06-13 23:49 - 000003302 _____ C:\WINDOWS\system32\Tasks\StartCNBM
2023-06-13 23:49 - 2023-06-13 23:49 - 000003192 _____ C:\WINDOWS\system32\Tasks\StartAUEP
2023-06-13 23:49 - 2023-06-13 23:49 - 000000000 ____D C:\Users\kvask\AppData\LocalLow\AMD
2023-06-13 23:48 - 2023-07-08 09:41 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2023-06-13 23:45 - 2023-06-13 23:45 - 000002620 _____ C:\WINDOWS\system32\Tasks\AMDRyzenMasterSDKTask
2023-06-13 23:45 - 2023-06-13 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Software꞉ Adrenalin Edition
2023-06-13 23:45 - 2023-06-13 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Bug Report Tool
2023-06-13 22:30 - 2023-05-31 21:36 - 002185152 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-06-13 22:30 - 2023-05-31 21:36 - 002185152 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 001619392 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 001619392 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 001500328 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 001500328 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 001231488 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 001231488 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000791488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000721304 _____ C:\WINDOWS\system32\hiprt0200064.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000668608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000596368 _____ C:\WINDOWS\system32\GameManager64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000538048 _____ C:\WINDOWS\system32\libsmi_guest.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000532368 _____ C:\WINDOWS\system32\dgtrayicon.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 000531352 _____ C:\WINDOWS\system32\libsmi_host.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000492432 _____ C:\WINDOWS\system32\EEURestart.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 000351120 _____ C:\WINDOWS\system32\clinfo.exe
2023-06-13 22:30 - 2023-05-31 21:35 - 000196496 _____ C:\WINDOWS\system32\mantle64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000176016 _____ C:\WINDOWS\system32\mantleaxl64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000173968 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000153488 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000137616 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000137112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000041408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2023-06-13 22:30 - 2023-05-31 21:35 - 000038288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 100644800 _____ C:\WINDOWS\system32\amd_comgr.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 084656576 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 001537984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 001537984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000938384 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2023-06-13 22:30 - 2023-05-31 21:34 - 000525712 _____ C:\WINDOWS\system32\atieah64.exe
2023-06-13 22:30 - 2023-05-31 21:34 - 000514496 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000463296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000394688 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2023-06-13 22:30 - 2023-05-31 21:34 - 000379840 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000256400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000216976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000200432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000186256 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000163328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000128448 _____ C:\WINDOWS\system32\amdxc64.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000103872 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2023-06-13 22:30 - 2023-05-31 21:34 - 000064960 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 016164752 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 007190496 _____ C:\WINDOWS\system32\amdsmi.exe
2023-06-13 22:30 - 2023-05-31 21:33 - 002257344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 001310656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 001039256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000933264 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000761232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000558480 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000461248 _____ C:\WINDOWS\system32\amdlogum.exe
2023-06-13 22:30 - 2023-05-31 21:33 - 000422288 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000155936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2023-06-13 22:30 - 2023-05-31 21:33 - 000125704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 004354496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 004160400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 001701008 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 001378312 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000553256 _____ C:\WINDOWS\system32\amdmiracast.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000165832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000155984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000145520 _____ C:\WINDOWS\system32\atidxx64.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000140264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000125744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2023-06-13 22:30 - 2023-05-31 21:32 - 000118968 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2023-06-13 22:30 - 2023-05-31 16:42 - 095242336 _____ C:\WINDOWS\system32\amdxc64.so
2023-06-13 13:35 - 2023-07-07 23:54 - 000000000 ____D C:\Users\kvask\AppData\Roaming\qBittorrent
2023-06-13 13:35 - 2023-06-13 13:35 - 000000000 ____D C:\Users\kvask\AppData\Local\qBittorrent
2023-06-12 17:25 - 2023-06-12 17:25 - 000000000 ____D C:\Users\kvask\AppData\LocalLow\Sandbox Interactive GmbH
2023-06-12 14:51 - 2023-06-12 14:51 - 000000000 ____D C:\Users\kvask\AppData\Local\Sandbox Interactive GmbH
2023-06-12 14:51 - 2023-06-12 14:51 - 000000000 ____D C:\Users\kvask\.QtWebEngineProcess
2023-06-12 14:51 - 2023-06-12 14:51 - 000000000 ____D C:\Users\kvask\.Albion Online Launcher
2023-06-12 13:48 - 2023-06-12 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Albion Online
2023-06-11 16:45 - 2023-06-11 16:45 - 000000000 ____D C:\Users\kvask\AppData\Roaming\.1911
2023-06-11 00:05 - 2023-06-11 05:33 - 000000000 ____D C:\Users\kvask\Downloads\Mario
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-07-08 20:29 - 2022-08-21 00:37 - 000000000 ____D C:\Program Files (x86)\Steam
2023-07-08 20:23 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-07-08 20:03 - 2022-08-22 23:29 - 000000000 ____D C:\Users\kvask\AppData\Roaming\vlc
2023-07-08 19:51 - 2022-08-21 00:35 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-08 19:51 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-07-08 18:02 - 2022-09-21 04:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-07-08 17:41 - 2022-11-20 21:37 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-07-08 17:41 - 2022-11-18 14:39 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-07-08 17:41 - 2022-11-18 14:39 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-08 17:41 - 2022-09-21 04:21 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-492486965-1052166103-1122767365-1001
2023-07-08 17:41 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-08 17:41 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-08 09:41 - 2023-05-16 06:30 - 000003100 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2023-07-08 09:41 - 2022-09-21 04:21 - 000003124 _____ C:\WINDOWS\system32\Tasks\AWHeadsetTask32
2023-07-08 09:41 - 2022-09-21 04:21 - 000003104 _____ C:\WINDOWS\system32\Tasks\AWHeadsetTask64
2023-07-08 03:11 - 2022-09-21 04:27 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-08 03:11 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-07-08 03:07 - 2022-09-21 04:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-08 03:07 - 2022-08-22 00:03 - 000000000 ____D C:\Program Files\TeamViewer
2023-07-08 03:07 - 2022-08-21 01:18 - 000012288 ___SH C:\DumpStack.log.tmp
2023-07-08 02:58 - 2022-05-07 07:17 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-08 02:36 - 2022-08-22 19:14 - 000000000 ____D C:\Users\kvask\AppData\Local\CrashDumps
2023-07-07 23:53 - 2022-09-21 04:21 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-07-07 23:53 - 2022-09-21 04:21 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-07-07 20:35 - 2022-08-21 01:08 - 000000000 ____D C:\ProgramData\Riot Games
2023-07-07 07:00 - 2022-09-21 01:40 - 000000000 ____D C:\Users\kvask
2023-07-07 04:31 - 2022-08-22 23:29 - 000000000 ____D C:\Users\kvask\AppData\Local\ElevatedDiagnostics
2023-07-07 01:59 - 2022-09-04 09:21 - 000000000 ____D C:\Users\kvask\AppData\Local\AMD_Common
2023-07-07 01:47 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-07-05 20:29 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2023-07-05 15:33 - 2022-08-21 04:02 - 000000000 ____D C:\Users\kvask\AppData\Roaming\discord
2023-07-05 15:32 - 2022-08-21 04:02 - 000000000 ____D C:\Users\kvask\AppData\Local\Discord
2023-07-05 15:11 - 2022-09-21 01:33 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-07-04 13:46 - 2022-11-18 18:14 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Microsoft\Word
2023-07-04 13:46 - 2022-11-18 18:14 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Microsoft\Office
2023-07-03 16:41 - 2023-05-15 15:53 - 000002386 ____H C:\Users\kvask\OneDrive\Documents\Default.rdp
2023-07-03 14:07 - 2022-08-21 00:30 - 000000000 ____D C:\Users\kvask\AppData\Local\D3DSCache
2023-07-01 08:57 - 2022-08-21 01:19 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-30 21:04 - 2022-09-21 04:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\AWCC
2023-06-30 21:04 - 2022-08-22 09:02 - 000000000 ____D C:\Program Files (x86)\Dell
2023-06-30 21:04 - 2022-08-21 00:31 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2023-06-29 06:29 - 2022-08-21 00:35 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-29 06:29 - 2022-08-21 00:35 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-27 22:57 - 2022-08-21 01:03 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-06-23 16:33 - 2022-10-13 20:52 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-06-23 16:33 - 2022-10-13 20:52 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-06-23 16:33 - 2022-09-21 04:21 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-06-23 09:24 - 2022-08-21 00:39 - 000000000 ____D C:\Users\kvask\AppData\Local\Steam
2023-06-21 23:18 - 2022-09-24 12:29 - 000000000 ____D C:\Users\kvask\AppData\Roaming\PrusaSlicer
2023-06-21 09:56 - 2023-03-04 21:23 - 000000000 ____D C:\Program Files\AMD
2023-06-19 14:09 - 2022-11-18 14:33 - 000000000 ____D C:\Program Files\Microsoft Office
2023-06-16 09:24 - 2023-01-09 22:15 - 000000000 ____D C:\ProgramData\Battle.net_components
2023-06-16 09:24 - 2023-01-09 22:14 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-06-16 01:46 - 2022-09-21 04:21 - 000003790 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{7DF1299A-21C4-4864-A890-FDF5F84BEEC1}
2023-06-16 01:46 - 2022-09-21 04:21 - 000003666 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{FE65FB47-39AF-49AF-A8C4-A312FC745FA7}
2023-06-16 01:28 - 2022-08-21 00:28 - 000000000 ____D C:\ProgramData\Package Cache
2023-06-14 18:00 - 2023-03-09 19:38 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2023-06-14 15:22 - 2022-09-21 04:17 - 000473176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-14 15:21 - 2022-05-07 12:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-06-14 15:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-14 15:21 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2023-06-14 07:03 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 07:01 - 2022-09-21 04:18 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-14 00:21 - 2022-11-09 22:55 - 000000000 ____D C:\Users\kvask\AppData\Local\AMD
2023-06-14 00:18 - 2022-08-21 00:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 00:16 - 2022-08-21 00:40 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-13 23:59 - 2022-08-21 01:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-13 23:48 - 2022-08-21 00:49 - 000000000 ____D C:\AMD
2023-06-13 23:45 - 2023-03-04 21:25 - 000003484 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2023-06-13 23:45 - 2022-08-21 00:30 - 000000000 ____D C:\Users\kvask\AppData\Local\Packages
2023-06-13 23:45 - 2022-08-21 00:30 - 000000000 ____D C:\ProgramData\Packages
2023-06-11 15:00 - 2022-12-12 04:40 - 000000000 ____D C:\Users\kvask\AppData\Roaming\Microsoft\Excel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pořád vyskakuje okno na opravu driverů
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pořád vyskakuje okno na opravu driverů
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2023
Ran by kvask (08-07-2023 20:36:41)
Running from C:\Users\kvask\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.1848 (X64) (2022-09-21 02:21:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-492486965-1052166103-1122767365-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-492486965-1052166103-1122767365-503 - Limited - Disabled)
Guest (S-1-5-21-492486965-1052166103-1122767365-501 - Limited - Disabled)
kvask (S-1-5-21-492486965-1052166103-1122767365-1001 - Administrator - Enabled) => C:\Users\kvask
WDAGUtilityAccount (S-1-5-21-492486965-1052166103-1122767365-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20215 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_2) (Version: 21.2.2.289 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Alienware Command Center Package Manager (HKLM-x32\...\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}) (Version: 5.5.49.0 - Dell Inc.)
Alienware Command Center Suite (HKLM\...\{6DD143CB-274F-4FB2-A73E-87971A890A3C}) (Version: 5.5.49.0 - Dell Inc.) Hidden
Alienware Command Center Suite (HKLM-x32\...\InstallShield_{6DD143CB-274F-4FB2-A73E-87971A890A3C}) (Version: 5.5.49.0 - Dell Inc.) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.16265 - Autodesk, Inc.)
AW988 HW Control (HKLM-x32\...\{27f62ca6-f3b1-463e-a2ff-fdcb721925d6}) (Version: 2.1.2 - Alienware) Hidden
AWHeadsetDriverInstallerSetup (HKLM\...\{BBB8F580-EB0A-406D-814B-9BF985985B9B}) (Version: 2.1.201 - Alienware) Hidden
BinaryHWControlSetup (HKLM\...\{24E299BF-3A14-4834-94B2-FDCDD54817EA}) (Version: 2.1.201 - Alienware) Hidden
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Discord (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
Heroes of Might and Magic 4 Complete (HKLM-x32\...\GOGPACKHOMM4COMPLETE_is1) (Version: 2.0.0.12 - GOG.com)
Intel(R) Network Connections 23.5.2.0 (HKLM\...\{A19B2B3C-60C7-43AF-814D-3B95DE6374AB}) (Version: 23.5.2.0 - Intel) Hidden
Intel(R) Network Connections 23.5.2.0 (HKLM\...\PROSetDX) (Version: 23.5.2.0 - Intel)
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.9.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Office LTSC Standard 2021 - cs-cz (HKLM\...\Standard2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Office LTSC Standard 2021 - en-us (HKLM\...\Standard2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.127.0618.0001 - Microsoft Corporation)
Microsoft Project Professional 2021 - cs-cz (HKLM\...\ProjectPro2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Project Professional 2021 - en-us (HKLM\...\ProjectPro2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - cs-cz (HKLM\...\VisioPro2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - en-us (HKLM\...\VisioPro2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Odinstalace tiskárny EPSON L1210 Series (HKLM\...\EPSON L1210 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20517 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20517 - Microsoft Corporation) Hidden
PrusaSlicer 2.5.2 (HKLM\...\{FBE73AF1-3C76-43E6-98E8-0AAAD6465229}) (Version: 2.5.2 - Prusa Research) Hidden
PrusaSlicer 2.5.2 (HKLM\...\PrusaSlicer 2.5.2 2.5.2) (Version: 2.5.2 - Prusa Research)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.3 - The qBittorrent project)
RyzenMasterSDK (HKLM\...\{3F1B6C48-F2DB-408F-8A66-BEF55D241D10}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
SmartGuard Anti-Cheat (HKLM\...\SmartGuardAntiCheat) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak (HKLM\...\{0019729D-4C8C-4626-8457-7FF210E1BE19}) (Version: 5.0.0 - TeamSpeak)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.43.6 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Alienware Command Center -> C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2 [2023-06-29] (Dell Inc)
Alienware Sound Center -> C:\Program Files\WindowsApps\DellInc.AlienwareSoundCenter_1.5.13.0_x64__htrsf667h5kn2 [2023-06-29] (Dell Inc)
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-06-13] (0)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.55.2.0_x64__6rarf9sa4v8jt [2023-06-22] (Disney)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-05-11] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2325.5.0_x64__cv1g1gvanyjgm [2023-07-07] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-08-21] (0)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-492486965-1052166103-1122767365-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Program Files\TeamSpeak\notification_helper.exe => No File
CustomCLSID: HKU\S-1-5-21-492486965-1052166103-1122767365-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\kvask\AppData\Local\Autodesk\webdeploy\production\a025d29cc566c591e9a766a22ab936c55abdd11a\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-05-15 18:12 - 2020-05-15 18:12 - 000217600 _____ () [File not signed] [File is in use] C:\Program Files\Alienware\AWHeadsetCenter\AW988HWControl\MainController\Gaming.IPC.RpcServer.dll
2018-12-20 12:49 - 2018-12-20 12:49 - 000372736 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\kvask\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\kvask\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 91.221.212.18 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0F0F06F6-7B19-4FB7-BC7E-AC1F910A4791}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4739B94C-109C-4BDA-9C5E-4B2936BC7751}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B448B0DA-C05F-472A-B294-3E07D838E289}C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Block) C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{7B965F70-100F-42B8-8847-E2AA3179E0AC}C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Block) C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [TCP Query User{D8078E22-5863-47A7-926A-5F933C09C85C}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{FE6422A1-4CA0-488F-98B6-DB796EC2B1B7}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{19475691-19F4-44FB-9A7E-12911FCA7405}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A06752D5-1991-4D8D-9E6B-A08983785B55}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{36FFC81D-34BC-4C68-9D43-8A08502603A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{569C2463-EAA7-4020-BCD5-C5BBA7CF9170}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0B87C289-E5E3-41D9-9DBF-4C6EB045D0DB}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{387C5CDC-69CD-47D6-B745-794A4084207F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C390F220-4762-4774-8FD7-EF5AD3375059}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{86BE9DA8-BE91-4ABD-9CDD-9C22E88F80A5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{FEFBCB8D-8F25-4928-9D37-7989DD7E95A8}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE\geegeerun.exe => No File
FirewallRules: [{09E1F6DB-88E6-49DE-A246-7750070AD566}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE\geegeerun.exe => No File
FirewallRules: [TCP Query User{0A64EF73-8581-47CA-A9BE-7560ED10135E}D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{D00886F4-D8EA-4E90-B1A6-814E960AB237}D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [{982ADA10-5CC2-43AD-AB8A-50C5DB01FEF0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4F1BAC71-F6B2-445E-AB18-F0D9D5DFBA98}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{F23DFFB9-8E4C-445B-AF35-AC72DA420359}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{CFFCFEFB-F89F-47C7-B55B-DDB5A2795455}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{BEE906F5-8345-491B-84D8-4D5BDF8B9638}D:\games\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{32E08901-ADAA-4336-B603-97E616B05C3A}D:\games\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty\_retail_\cod.exe => No File
FirewallRules: [{9DC9FFA5-9025-4285-8A5B-F71DD966CFC9}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{1EAECC0D-3D07-4C33-9A63-DAB0615BB44E}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [TCP Query User{8F2109BB-C685-49AF-BA85-2537C265F112}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{3D5CD87C-2709-4BFE-9620-C75BD825E116}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{CAF71E84-15F0-4308-8C28-D59E51EB0CE0}D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [UDP Query User{0EB69D7F-3154-4E76-B648-150CE4A07E08}D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [TCP Query User{FAAB5450-6907-4DCF-869F-69ED7C602D80}C:\users\kvask\onedrive\desktop\winbox64.exe] => (Allow) C:\users\kvask\onedrive\desktop\winbox64.exe => No File
FirewallRules: [UDP Query User{2310A3D2-B620-4897-9FF7-76B02A666771}C:\users\kvask\onedrive\desktop\winbox64.exe] => (Allow) C:\users\kvask\onedrive\desktop\winbox64.exe => No File
FirewallRules: [TCP Query User{C7C85CD6-FD40-463C-B167-BC7D35DB8929}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{42EA792D-9072-42B8-9B65-C08E9068841B}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{85DC1F7C-3198-4BB5-B078-B81D1462821C}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{085858B0-3AFF-4FBD-97F6-AA3BB27AF27B}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{70AEABBF-74AA-4C0C-AC34-F5C50CB5C0AA}C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{DDF044CF-042D-4E44-8DF4-6C66DF1ADB10}C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{E1819D44-7FC6-4CBC-A410-B73E2BC38C84}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{9AA9D748-8E17-4694-8134-9E97F3B5118A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{5B774C6C-3E1C-4861-89DC-854EF4789E8C}D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{B218A039-6EA2-4F8B-B2C3-8B31E9C5AE40}D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [TCP Query User{AA83DD20-38D4-467A-AC10-CC6DB6763C13}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{92C9287F-4BF4-4A2E-8D10-CB9622D5FB72}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{9C200AC9-BF6B-49B9-9285-691DCBC20EE9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7098B7C1-818B-4473-86E2-4150D598917B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{029CE8CA-9A50-4AAA-95E1-65AFF3CDE7A7}] => (Allow) D:\SteamLibrary\steamapps\common\PICO_PARK\pico_park.exe () [File not signed]
FirewallRules: [{A0320EDB-3CDB-46FC-AEC8-D65752DF518B}] => (Allow) D:\SteamLibrary\steamapps\common\PICO_PARK\pico_park.exe () [File not signed]
FirewallRules: [{BA9B4889-A472-499A-8796-51E7D3F951E0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E9B8B9A5-AD83-4962-A1CE-7B04655A67B8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E53B8A70-D748-4114-ABE1-790F95B389A0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E472BD3-36C3-40D1-906F-1C1641C9804F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C45B1CCE-856B-4F66-A522-E388D31EC04A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{39175AE6-932C-4C52-A87F-4673486CF382}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9EC6DAD-807A-46FE-BCDB-646EFB7E8C43}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{B6952FD2-3F2F-4739-A83C-68EA3AB017EC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
==================== Restore Points =========================
27-06-2023 09:57:46 Scheduled Checkpoint
30-06-2023 21:02:56 Installed Alienware Command Center Suite
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/08/2023 09:41:55 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0xb4cdc427
Faulting module name: KERNELBASE.dll, version: 10.0.22621.1778, time stamp: 0x11df5af5
Exception code: 0xe0434352
Fault offset: 0x00148462
Faulting process ID: 0x0x2f94
Faulting application start time: 0x0x1d9b16faad3ccfa
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: a65d03f5-d786-4ec6-93e9-4230728eab04
Faulting package full name:
Faulting package-relative application ID:
Error: (07/08/2023 09:41:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Razer Synapse 3.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
at Razer.Synapse3.App..cctor()
Exception Info: System.TypeInitializationException
at Razer.Synapse3.App+<>c.<.ctor>b__27_0(System.ServiceProcess.ServiceController)
at System.Linq.Enumerable.FirstOrDefault[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
at Razer.Synapse3.App..ctor()
at Razer.Synapse3.App.Main()
Error: (07/08/2023 03:07:37 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WARMACHINE$ via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (07/08/2023 03:07:37 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
Method: GET(47ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (07/08/2023 02:37:04 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0xb4cdc427
Faulting module name: KERNELBASE.dll, version: 10.0.22621.1778, time stamp: 0x11df5af5
Exception code: 0xe0434352
Fault offset: 0x00148462
Faulting process ID: 0x0x2d40
Faulting application start time: 0x0x1d9b13451250a6b
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 600e8954-7fe9-4909-be23-1ee30ed03e3d
Faulting package full name:
Faulting package-relative application ID:
Error: (07/08/2023 02:37:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Razer Synapse 3.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
at Razer.Synapse3.App..cctor()
Exception Info: System.TypeInitializationException
at Razer.Synapse3.App+<>c.<.ctor>b__27_0(System.ServiceProcess.ServiceController)
at System.Linq.Enumerable.FirstOrDefault[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
at Razer.Synapse3.App..ctor()
at Razer.Synapse3.App.Main()
Error: (07/08/2023 02:36:57 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: AWCC.exe, version: 5.5.49.0, time stamp: 0x6489dd39
Faulting module name: twinapi.appcore.dll, version: 10.0.22621.1778, time stamp: 0x8a05c015
Exception code: 0xc000027b
Fault offset: 0x00000000000c07f3
Faulting process ID: 0x0x24ac
Faulting application start time: 0x0x1d9b1344b6edf7f
Faulting application path: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2\AWCC.exe
Faulting module path: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
Report ID: 5f5c9166-a548-4f4a-8ccd-05c751137baf
Faulting package full name: DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App
Error: (07/08/2023 02:36:58 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WARMACHINE$ via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Jul 2023 00:36:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f5faf2c1-5ec7-4701-918b-c9b2d568d25b
Method: GET(640ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x24, Lcn 0xba306.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x23, Lcn 0xba305.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x3, Lcn 0xba2e5.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x13, Lcn 0xba2f5.
Error: (07/08/2023 08:33:27 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume83
Error: (07/08/2023 08:33:26 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Error: (07/08/2023 08:33:19 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Error: (07/08/2023 08:33:12 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Windows Defender:
================
Date: 2023-07-08 01:39:36
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin provádění změn v paměti.
Čas detekce: 2023-07-07T23:39:36.060Z
Uživatel: WarMachine\kvask
Cesta: \Device\Harddisk0\DR5
Název procesu: C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin
Verze bezpečnostních informací: 1.391.3856.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-08 00:00:37
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin provádění změn v paměti.
Čas detekce: 2023-07-07T22:00:37.977Z
Uživatel: WarMachine\kvask
Cesta: \Device\Harddisk0\DR5
Název procesu: C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin
Verze bezpečnostních informací: 1.391.3856.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-07 00:50:41
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {39989CC1-5193-4024-B92D-60C8E72FE436}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-07-06 19:23:04
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\qBittorrent\qbittorrent.exe možnost upravit %userprofile%\Favorites.
Čas detekce: 2023-07-06T17:23:04.923Z
Uživatel: WarMachine\kvask
Cesta: %userprofile%\Favorites
Název procesu: C:\Program Files\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: 1.391.3726.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-06 00:10:47
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {19FE0481-08A6-4B41-82FC-5BAFC9FC8995}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-07-08 03:19:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-08 03:07:35
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
Date: 2023-07-08 03:07:35
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys is blocked from loading as the driver has been revoked by Microsoft.
Date: 2023-07-07 23:21:54
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\kvask\AppData\Local\Temp\ActiveAnticheat\1223564\active64.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x8. Status 0xC000004E.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.50 04/15/2021
Motherboard: ASRock X570M Pro4
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 31%
Total physical RAM: 32693.11 MB
Available physical RAM: 22337.98 MB
Total Virtual: 38537.11 MB
Available Virtual: 23934.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.23 GB) (Free:163.55 GB) (Model: KBG40ZNV512G KIOXIA) NTFS
Drive d: () (Fixed) (Total:476.94 GB) (Free:199.18 GB) (Model: SAMSUNG MZVLW512HMJP-00000) NTFS
Drive e: (1TB) (Fixed) (Total:931.51 GB) (Free:810.45 GB) (Model: WDC WD1002FBYS-02A6B0) NTFS
Drive f: () (Fixed) (Total:2794.52 GB) (Free:2651.23 GB) (Model: WDC WD3003FZEX-00Z4SA0) NTFS
Drive g: () (Removable) (Total:0 GB) (Free:0 GB)
\\?\Volume{f1b6381c-1acc-4a5a-9b2c-40f66a1c565b}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{82ae0585-a009-462d-a45e-7a2e5065e0f9}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008473D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 07A5BF4A)
Partition: GPT.
==========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: C211CCFF)
Partition: GPT.
==========================================================
Disk: 3 (Size: 476.9 GB) (Disk ID: 73D9D171)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by kvask (08-07-2023 20:36:41)
Running from C:\Users\kvask\Downloads
Microsoft Windows 11 Pro Version 22H2 22621.1848 (X64) (2022-09-21 02:21:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-492486965-1052166103-1122767365-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-492486965-1052166103-1122767365-503 - Limited - Disabled)
Guest (S-1-5-21-492486965-1052166103-1122767365-501 - Limited - Disabled)
kvask (S-1-5-21-492486965-1052166103-1122767365-1001 - Administrator - Enabled) => C:\Users\kvask
WDAGUtilityAccount (S-1-5-21-492486965-1052166103-1122767365-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20215 - Adobe)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_2_2) (Version: 21.2.2.289 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Alienware Command Center Package Manager (HKLM-x32\...\{D2DA930B-CB5D-4DD6-BF62-BE6C310A353D}) (Version: 5.5.49.0 - Dell Inc.)
Alienware Command Center Suite (HKLM\...\{6DD143CB-274F-4FB2-A73E-87971A890A3C}) (Version: 5.5.49.0 - Dell Inc.) Hidden
Alienware Command Center Suite (HKLM-x32\...\InstallShield_{6DD143CB-274F-4FB2-A73E-87971A890A3C}) (Version: 5.5.49.0 - Dell Inc.) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.83 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.17.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.5.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{cf77cf6b-71ff-4a71-802d-43adb9b271b7}) (Version: 3.10.22.706 - Advanced Micro Devices, Inc.) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.16265 - Autodesk, Inc.)
AW988 HW Control (HKLM-x32\...\{27f62ca6-f3b1-463e-a2ff-fdcb721925d6}) (Version: 2.1.2 - Alienware) Hidden
AWHeadsetDriverInstallerSetup (HKLM\...\{BBB8F580-EB0A-406D-814B-9BF985985B9B}) (Version: 2.1.201 - Alienware) Hidden
BinaryHWControlSetup (HKLM\...\{24E299BF-3A14-4834-94B2-FDCDD54817EA}) (Version: 2.1.201 - Alienware) Hidden
Branding64 (HKLM\...\{2A677A6A-43E8-4FE3-A273-07B0E27DADAE}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
Discord (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{FAC47927-1A6A-4C6E-AD7D-E9756794A4BC}) (Version: 1.3.23.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{758842D2-1538-4008-A8E3-66F65A061C52}) (Version: 2.0.33.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
Heroes of Might and Magic 4 Complete (HKLM-x32\...\GOGPACKHOMM4COMPLETE_is1) (Version: 2.0.0.12 - GOG.com)
Intel(R) Network Connections 23.5.2.0 (HKLM\...\{A19B2B3C-60C7-43AF-814D-3B95DE6374AB}) (Version: 23.5.2.0 - Intel) Hidden
Intel(R) Network Connections 23.5.2.0 (HKLM\...\PROSetDX) (Version: 23.5.2.0 - Intel)
iVMS-4200 (HKLM-x32\...\{CE2F96D0-63D2-4B9C-A8D6-0D1A60840BD8}) (Version: 3.9.1.4 - Hangzhou Hikvision Digital Technology Co., Ltd.)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-492486965-1052166103-1122767365-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.67 - Microsoft Corporation)
Microsoft Office LTSC Standard 2021 - cs-cz (HKLM\...\Standard2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Office LTSC Standard 2021 - en-us (HKLM\...\Standard2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 23.127.0618.0001 - Microsoft Corporation)
Microsoft Project Professional 2021 - cs-cz (HKLM\...\ProjectPro2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Project Professional 2021 - en-us (HKLM\...\ProjectPro2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{43D501A5-E5E3-46EC-8F33-9E15D2A2CBD5}) (Version: 5.70.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - cs-cz (HKLM\...\VisioPro2021Volume - cs-cz) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - en-us (HKLM\...\VisioPro2021Volume - en-us) (Version: 16.0.14332.20517 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{56F27690-F6EA-3356-980A-02BA379506EE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
MSVCRT Redists (HKLM\...\{24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58}) (Version: 1.0 - Sony Creative Software Inc.) Hidden
Odinstalace tiskárny EPSON L1210 Series (HKLM\...\EPSON L1210 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20517 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14332.20517 - Microsoft Corporation) Hidden
PrusaSlicer 2.5.2 (HKLM\...\{FBE73AF1-3C76-43E6-98E8-0AAAD6465229}) (Version: 2.5.2 - Prusa Research) Hidden
PrusaSlicer 2.5.2 (HKLM\...\PrusaSlicer 2.5.2 2.5.2) (Version: 2.5.2 - Prusa Research)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.3 - The qBittorrent project)
RyzenMasterSDK (HKLM\...\{3F1B6C48-F2DB-408F-8A66-BEF55D241D10}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
SmartGuard Anti-Cheat (HKLM\...\SmartGuardAntiCheat) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak (HKLM\...\{0019729D-4C8C-4626-8457-7FF210E1BE19}) (Version: 5.0.0 - TeamSpeak)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.43.6 - TeamViewer)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 87.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Alienware Command Center -> C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2 [2023-06-29] (Dell Inc)
Alienware Sound Center -> C:\Program Files\WindowsApps\DellInc.AlienwareSoundCenter_1.5.13.0_x64__htrsf667h5kn2 [2023-06-29] (Dell Inc)
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-06-13] (0)
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.55.2.0_x64__6rarf9sa4v8jt [2023-06-22] (Disney)
ms-resource:app_name_ms_todo -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-30] (Microsoft Corporation) [Startup Task]
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.60961.0_x64__8wekyb3d8bbwe [2023-05-11] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2325.5.0_x64__cv1g1gvanyjgm [2023-07-07] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-08] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2022-08-21] (0)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-492486965-1052166103-1122767365-1001_Classes\CLSID\{5C4D8D77-5B87-40CA-884E-F56858227E5C}\localserver32 -> C:\Program Files\TeamSpeak\notification_helper.exe => No File
CustomCLSID: HKU\S-1-5-21-492486965-1052166103-1122767365-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\kvask\AppData\Local\Autodesk\webdeploy\production\a025d29cc566c591e9a766a22ab936c55abdd11a\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\23.127.0618.0001\FileSyncShell64.dll [2023-07-08] (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-05-15 18:12 - 2020-05-15 18:12 - 000217600 _____ () [File not signed] [File is in use] C:\Program Files\Alienware\AWHeadsetCenter\AW988HWControl\MainController\Gaming.IPC.RpcServer.dll
2018-12-20 12:49 - 2018-12-20 12:49 - 000372736 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\kvask\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\kvask\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-06-05 14:08 - 2021-06-05 14:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-492486965-1052166103-1122767365-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 91.221.212.18 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{0F0F06F6-7B19-4FB7-BC7E-AC1F910A4791}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{4739B94C-109C-4BDA-9C5E-4B2936BC7751}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B448B0DA-C05F-472A-B294-3E07D838E289}C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Block) C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{7B965F70-100F-42B8-8847-E2AA3179E0AC}C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Block) C:\program files (x86)\steam\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [TCP Query User{D8078E22-5863-47A7-926A-5F933C09C85C}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{FE6422A1-4CA0-488F-98B6-DB796EC2B1B7}D:\games\riot games\riot client\riotclientservices.exe] => (Allow) D:\games\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{19475691-19F4-44FB-9A7E-12911FCA7405}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A06752D5-1991-4D8D-9E6B-A08983785B55}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{36FFC81D-34BC-4C68-9D43-8A08502603A8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{569C2463-EAA7-4020-BCD5-C5BBA7CF9170}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{0B87C289-E5E3-41D9-9DBF-4C6EB045D0DB}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{387C5CDC-69CD-47D6-B745-794A4084207F}C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) C:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{C390F220-4762-4774-8FD7-EF5AD3375059}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{86BE9DA8-BE91-4ABD-9CDD-9C22E88F80A5}D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steamlibrary\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{FEFBCB8D-8F25-4928-9D37-7989DD7E95A8}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE\geegeerun.exe => No File
FirewallRules: [{09E1F6DB-88E6-49DE-A246-7750070AD566}] => (Allow) D:\SteamLibrary\steamapps\common\SUPER PEOPLE\geegeerun.exe => No File
FirewallRules: [TCP Query User{0A64EF73-8581-47CA-A9BE-7560ED10135E}D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [UDP Query User{D00886F4-D8EA-4E90-B1A6-814E960AB237}D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe] => (Allow) D:\steamlibrary\steamapps\common\super people\bravohotelgame\binaries\win64\bravohotelclient-win64-shipping.protected.exe => No File
FirewallRules: [{982ADA10-5CC2-43AD-AB8A-50C5DB01FEF0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4F1BAC71-F6B2-445E-AB18-F0D9D5DFBA98}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [UDP Query User{F23DFFB9-8E4C-445B-AF35-AC72DA420359}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{CFFCFEFB-F89F-47C7-B55B-DDB5A2795455}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{BEE906F5-8345-491B-84D8-4D5BDF8B9638}D:\games\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{32E08901-ADAA-4336-B603-97E616B05C3A}D:\games\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty\_retail_\cod.exe => No File
FirewallRules: [{9DC9FFA5-9025-4285-8A5B-F71DD966CFC9}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{1EAECC0D-3D07-4C33-9A63-DAB0615BB44E}] => (Allow) D:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [TCP Query User{8F2109BB-C685-49AF-BA85-2537C265F112}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{3D5CD87C-2709-4BFE-9620-C75BD825E116}D:\games\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\games\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{CAF71E84-15F0-4308-8C28-D59E51EB0CE0}D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [UDP Query User{0EB69D7F-3154-4E76-B648-150CE4A07E08}D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe] => (Allow) D:\steamlibrary\steamapps\common\naraka bladepoint\narakabladepoint.exe => No File
FirewallRules: [TCP Query User{FAAB5450-6907-4DCF-869F-69ED7C602D80}C:\users\kvask\onedrive\desktop\winbox64.exe] => (Allow) C:\users\kvask\onedrive\desktop\winbox64.exe => No File
FirewallRules: [UDP Query User{2310A3D2-B620-4897-9FF7-76B02A666771}C:\users\kvask\onedrive\desktop\winbox64.exe] => (Allow) C:\users\kvask\onedrive\desktop\winbox64.exe => No File
FirewallRules: [TCP Query User{C7C85CD6-FD40-463C-B167-BC7D35DB8929}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{42EA792D-9072-42B8-9B65-C08E9068841B}C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\server\ivms-4200.topology.s\ivms-4200.topology.s.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{85DC1F7C-3198-4BB5-B078-B81D1462821C}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [UDP Query User{085858B0-3AFF-4FBD-97F6-AA3BB27AF27B}C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe] => (Allow) C:\program files (x86)\ivms-4200 site\ivms-4200 client\client\ivms-4200.devicemanagement.c\ivms-4200.devicemanagement.c.exe (Hangzhou Hikvision Digital Tech.Co.,Ltd -> )
FirewallRules: [TCP Query User{70AEABBF-74AA-4C0C-AC34-F5C50CB5C0AA}C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [UDP Query User{DDF044CF-042D-4E44-8DF4-6C66DF1ADB10}C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe] => (Allow) C:\users\kvask\appdata\local\discord\app-1.0.9013\discord.exe (Discord Inc. -> Discord Inc.)
FirewallRules: [{E1819D44-7FC6-4CBC-A410-B73E2BC38C84}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{9AA9D748-8E17-4694-8134-9E97F3B5118A}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty HQ\cod.exe (Activision Publishing Inc -> Activision)
FirewallRules: [TCP Query User{5B774C6C-3E1C-4861-89DC-854EF4789E8C}D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [UDP Query User{B218A039-6EA2-4F8B-B2C3-8B31E9C5AE40}D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe] => (Allow) D:\games\call of duty modern warfare\call of duty\_retail_\cod.exe => No File
FirewallRules: [TCP Query User{AA83DD20-38D4-467A-AC10-CC6DB6763C13}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [UDP Query User{92C9287F-4BF4-4A2E-8D10-CB9622D5FB72}D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) D:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe (Activision Publishing Inc -> ) [File not signed]
FirewallRules: [{9C200AC9-BF6B-49B9-9285-691DCBC20EE9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7098B7C1-818B-4473-86E2-4150D598917B}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{029CE8CA-9A50-4AAA-95E1-65AFF3CDE7A7}] => (Allow) D:\SteamLibrary\steamapps\common\PICO_PARK\pico_park.exe () [File not signed]
FirewallRules: [{A0320EDB-3CDB-46FC-AEC8-D65752DF518B}] => (Allow) D:\SteamLibrary\steamapps\common\PICO_PARK\pico_park.exe () [File not signed]
FirewallRules: [{BA9B4889-A472-499A-8796-51E7D3F951E0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E9B8B9A5-AD83-4962-A1CE-7B04655A67B8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E53B8A70-D748-4114-ABE1-790F95B389A0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E472BD3-36C3-40D1-906F-1C1641C9804F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C45B1CCE-856B-4F66-A522-E388D31EC04A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{39175AE6-932C-4C52-A87F-4673486CF382}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9EC6DAD-807A-46FE-BCDB-646EFB7E8C43}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{B6952FD2-3F2F-4739-A83C-68EA3AB017EC}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
==================== Restore Points =========================
27-06-2023 09:57:46 Scheduled Checkpoint
30-06-2023 21:02:56 Installed Alienware Command Center Suite
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/08/2023 09:41:55 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0xb4cdc427
Faulting module name: KERNELBASE.dll, version: 10.0.22621.1778, time stamp: 0x11df5af5
Exception code: 0xe0434352
Fault offset: 0x00148462
Faulting process ID: 0x0x2f94
Faulting application start time: 0x0x1d9b16faad3ccfa
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: a65d03f5-d786-4ec6-93e9-4230728eab04
Faulting package full name:
Faulting package-relative application ID:
Error: (07/08/2023 09:41:55 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Razer Synapse 3.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
at Razer.Synapse3.App..cctor()
Exception Info: System.TypeInitializationException
at Razer.Synapse3.App+<>c.<.ctor>b__27_0(System.ServiceProcess.ServiceController)
at System.Linq.Enumerable.FirstOrDefault[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
at Razer.Synapse3.App..ctor()
at Razer.Synapse3.App.Main()
Error: (07/08/2023 03:07:37 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WARMACHINE$ via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
Method: GET(0ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (07/08/2023 03:07:37 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for Local system via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
Method: GET(47ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (07/08/2023 02:37:04 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: Razer Synapse 3.exe, version: 3.1.627.5, time stamp: 0xb4cdc427
Faulting module name: KERNELBASE.dll, version: 10.0.22621.1778, time stamp: 0x11df5af5
Exception code: 0xe0434352
Fault offset: 0x00148462
Faulting process ID: 0x0x2d40
Faulting application start time: 0x0x1d9b13451250a6b
Faulting application path: C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report ID: 600e8954-7fe9-4909-be23-1ee30ed03e3d
Faulting package full name:
Faulting package-relative application ID:
Error: (07/08/2023 02:37:04 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Razer Synapse 3.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.BadImageFormatException
at Razer.Synapse3.App..cctor()
Exception Info: System.TypeInitializationException
at Razer.Synapse3.App+<>c.<.ctor>b__27_0(System.ServiceProcess.ServiceController)
at System.Linq.Enumerable.FirstOrDefault[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
at Razer.Synapse3.App..ctor()
at Razer.Synapse3.App.Main()
Error: (07/08/2023 02:36:57 AM) (Source: Application Error) (EventID: 1000) (User: WARMACHINE)
Description: Faulting application name: AWCC.exe, version: 5.5.49.0, time stamp: 0x6489dd39
Faulting module name: twinapi.appcore.dll, version: 10.0.22621.1778, time stamp: 0x8a05c015
Exception code: 0xc000027b
Fault offset: 0x00000000000c07f3
Faulting process ID: 0x0x24ac
Faulting application start time: 0x0x1d9b1344b6edf7f
Faulting application path: C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2\AWCC.exe
Faulting module path: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
Report ID: 5f5c9166-a548-4f4a-8ccd-05c751137baf
Faulting package full name: DellInc.AlienwareCommandCenter_5.5.49.0_x64__htrsf667h5kn2
Faulting package-relative application ID: App
Error: (07/08/2023 02:36:58 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\WARMACHINE$ via https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep failed:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 08 Jul 2023 00:36:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f5faf2c1-5ec7-4701-918b-c9b2d568d25b
Method: GET(640ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
System errors:
=============
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x24, Lcn 0xba306.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x23, Lcn 0xba305.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x3, Lcn 0xba2e5.
Error: (07/08/2023 08:33:27 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume E:.
A bad cluster was discovered while accessing file data. The file reference number is 0x2000000000002. The name of the file is "<unable to determine file name>". The extent containing the bad cluster is located at Vcn 0x13, Lcn 0xba2f5.
Error: (07/08/2023 08:33:27 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: E:\Device\HarddiskVolume83
Error: (07/08/2023 08:33:26 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Error: (07/08/2023 08:33:19 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Error: (07/08/2023 08:33:12 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR5, has a bad block.
Windows Defender:
================
Date: 2023-07-08 01:39:36
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin provádění změn v paměti.
Čas detekce: 2023-07-07T23:39:36.060Z
Uživatel: WarMachine\kvask
Cesta: \Device\Harddisk0\DR5
Název procesu: C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin
Verze bezpečnostních informací: 1.391.3856.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-08 00:00:37
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin provádění změn v paměti.
Čas detekce: 2023-07-07T22:00:37.977Z
Uživatel: WarMachine\kvask
Cesta: \Device\Harddisk0\DR5
Název procesu: C:\Users\kvask\Downloads\Infinite Elmore\Infinite Elmore\system\L2.bin
Verze bezpečnostních informací: 1.391.3856.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-07 00:50:41
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {39989CC1-5193-4024-B92D-60C8E72FE436}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-07-06 19:23:04
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\qBittorrent\qbittorrent.exe možnost upravit %userprofile%\Favorites.
Čas detekce: 2023-07-06T17:23:04.923Z
Uživatel: WarMachine\kvask
Cesta: %userprofile%\Favorites
Název procesu: C:\Program Files\qBittorrent\qbittorrent.exe
Verze bezpečnostních informací: 1.391.3726.0
Verze modulu: 1.1.23050.3
Verze produktu: 4.18.23050.5
Date: 2023-07-06 00:10:47
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {19FE0481-08A6-4B41-82FC-5BAFC9FC8995}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2023-07-08 03:19:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-07-08 03:07:35
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys that did not meet the Authenticode signing level requirements or violated code integrity policy (Policy ID:{d2bda982-ccf6-4344-ac5b-0b44427b6816}).
Date: 2023-07-08 03:07:35
Description:
The driver \Device\HarddiskVolume3\Windows\System32\drivers\iqvw64e.sys is blocked from loading as the driver has been revoked by Microsoft.
Date: 2023-07-07 23:21:54
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\kvask\AppData\Local\Temp\ActiveAnticheat\1223564\active64.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x8. Status 0xC000004E.
==================== Memory info ===========================
BIOS: American Megatrends Inc. P3.50 04/15/2021
Motherboard: ASRock X570M Pro4
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 31%
Total physical RAM: 32693.11 MB
Available physical RAM: 22337.98 MB
Total Virtual: 38537.11 MB
Available Virtual: 23934.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.23 GB) (Free:163.55 GB) (Model: KBG40ZNV512G KIOXIA) NTFS
Drive d: () (Fixed) (Total:476.94 GB) (Free:199.18 GB) (Model: SAMSUNG MZVLW512HMJP-00000) NTFS
Drive e: (1TB) (Fixed) (Total:931.51 GB) (Free:810.45 GB) (Model: WDC WD1002FBYS-02A6B0) NTFS
Drive f: () (Fixed) (Total:2794.52 GB) (Free:2651.23 GB) (Model: WDC WD3003FZEX-00Z4SA0) NTFS
Drive g: () (Removable) (Total:0 GB) (Free:0 GB)
\\?\Volume{f1b6381c-1acc-4a5a-9b2c-40f66a1c565b}\ () (Fixed) (Total:0.6 GB) (Free:0.08 GB) NTFS
\\?\Volume{82ae0585-a009-462d-a45e-7a2e5065e0f9}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008473D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 07A5BF4A)
Partition: GPT.
==========================================================
Disk: 2 (Size: 476.9 GB) (Disk ID: C211CCFF)
Partition: GPT.
==========================================================
Disk: 3 (Size: 476.9 GB) (Disk ID: 73D9D171)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pořád vyskakuje okno na opravu driverů
Zdravím!
Tu hlášku dává systém, nebo nějaký program? Pokud tam máte nějaký program na kontrolu driverů, otevřte správce zařízení a podívejte se, zda jsou vševhny drivery OK, případně, které jsou OK a které ne. Poznáte to tak, že u daného driveru bude výstraha.
Tu hlášku dává systém, nebo nějaký program? Pokud tam máte nějaký program na kontrolu driverů, otevřte správce zařízení a podívejte se, zda jsou vševhny drivery OK, případně, které jsou OK a které ne. Poznáte to tak, že u daného driveru bude výstraha.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pořád vyskakuje okno na opravu driverů
Dobrý den ještě jednou.
Jako mám tam nějaké other devices, což předpokládám, že je mobilní telefon. Každopádně je to z update a security centra. Vždy to chce restart, však teď jsem to restartoval, tak jsem si stihl uvařit puding, dát myčku a ještě zahrát 2 kola hry na mobilním telefonu.
Proto podezřívám, že by v tom mohl být nějaký šotek.
Děkuji pěkně. S pozdravem,
Karel
Jako mám tam nějaké other devices, což předpokládám, že je mobilní telefon. Každopádně je to z update a security centra. Vždy to chce restart, však teď jsem to restartoval, tak jsem si stihl uvařit puding, dát myčku a ještě zahrát 2 kola hry na mobilním telefonu.
Proto podezřívám, že by v tom mohl být nějaký šotek.
Děkuji pěkně. S pozdravem,
Karel
Re: Pořád vyskakuje okno na opravu driverů
Pardon není to driver, teď je to drive errors. Bohužel mám 2 NVME disky, vše je přístupné.
Hrozím se reinstalace jak čert kříže, protože mám nějaké projekty rozdělané
.
Děkuji.
Hrozím se reinstalace jak čert kříže, protože mám nějaké projekty rozdělané
.Děkuji.
Re: Pořád vyskakuje okno na opravu driverů
Device\Harddisk0\DR5, has a bad block.
Skontroluj disk E: - mozno je zrely na vymenu
Skontroluj disk E: - mozno je zrely na vymenu
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Pořád vyskakuje okno na opravu driverů
Už jde ven! Děkuji
Re: Pořád vyskakuje okno na opravu driverů
Je venku, PC se chová líp. Děkuji moc. Mohl jsem počítat ze v tom small form factor case když bude stack 3 disků, že v létě by jim mohlo být horko. Mno nevadí. Pevné plotny už do mého PC nepůjdou 
.
Uvidíme jestli už to je všechno.
.Uvidíme jestli už to je všechno.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pořád vyskakuje okno na opravu driverů
Jj. Chce to pozorněji číst. Uvidíte sám časem.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pořád vyskakuje okno na opravu driverů
[
Mno, vyřešilo to "hryzání" systému co jsem řešil cca 3 roky. Občas freeznul. Vyměnil jsem NVME, Desku, CPU, Ram, nikdy by mě nenapadlo, že to bude plotna.
Mno, vyřešilo to "hryzání" systému co jsem řešil cca 3 roky. Občas freeznul. Vyměnil jsem NVME, Desku, CPU, Ram, nikdy by mě nenapadlo, že to bude plotna.
Re: Pořád vyskakuje okno na opravu driverů
Ak je problem vyrieseny, tak nas to s Rudym tesi 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?