Dobrý den, zdravím všechny odborníky. Sám si nevím rady a kamarád mi doporučil pomoc hledat zde. Poslední měsíc mi stále hučí větrák a procesor běží na 100%. PC jsem uvnitř vyčistil od prachu a stále stejný problém,. Už si nevím rady. Děkuji za jakoukoliv radu či pomoc. Předem všem děkuji za váš čas.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by zelen (administrator) on DESKTOP-2K8AIVB (Micro-Star International Co., Ltd. MAG H410 Infinite S (MS-B933)) (25-03-2024 17:32:29)
Running from C:\Users\zelen\Desktop\FRST64.exe
Loaded Profiles: zelen
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\zelen\AppData\Local\Overwolf\ProcessCache\0.242.1.6\ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd\MSI companion.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(cmd.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <46>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.29.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [9849280 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [com.messenger] => "C:\Users\zelen\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [MicrosoftEdgeAutoLaunch_9D9C8361A4AB7D74294FA7EB59596A99] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.131\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\Installer\chrmstp.exe [2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {D1133895-E698-40E6-AF19-4AB92230F36A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {35EACF95-4684-497B-9C6B-73B5894268F2} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4979128 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9a95d750-5df1-45af-9069-5 (the data entry has 11 more characters).
Task: {BF749130-D176-4C79-B1B6-3D1A55B54F52} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7811512 2024-03-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5A137660-8A4E-4D02-9229-8449C1961AAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF408C2F-E0BB-4541-BF7B-B97111114BCB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF505F7F-2365-4B38-9E82-DAB2AE064EEF} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\google\chrome\application\chrome.exe [2772256 2024-03-12] (Google LLC -> Google LLC) -> "hxxp://localhost:1487/cfosspeed/console.htm"
Task: {BE98D0DD-9660-4959-A455-0F69778063CB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {9E27517C-4189-4CA1-BDA7-811F1E3F2A67} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {8997FA2E-6D7D-4CFD-910A-A0F8AB5E66D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-06-09] () [File not signed]
Task: {2A298CEE-C204-4B5A-81F5-3E796DC5637D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Users\zelen\AppData\Local\Programs\Messenger\MessengerHelper.exe [2158328 2023-03-10] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {FC998AE5-FDD7-4AFC-A20A-71C0D4286589} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2169080 2024-03-16] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {69BF3700-02D6-4DE7-933D-26D785B12151} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {6C5D4572-F19C-46D3-A7DE-B23DF6219C58} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4C21F9B7-417E-4B30-8EA9-681C24C1B462} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1C7D70BC-CAE9-4B06-8BCB-9910D12D3C0D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5368F08C-AE42-4CAE-ABBD-5FAED2CC7A06} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {22CA00AB-FE5F-4529-8968-AFEB662D5535} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {A1A9E40D-2563-4DFD-9509-93D22886E5C7} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {8AC3FE86-AFE9-42B4-949D-9C8AC1D33919} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {39CB973B-C71C-4514-930A-599A98C28E10} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {C29C609A-5AC2-42B3-BB2E-AEC20DC6DD93} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F38328-B421-41FF-B035-C73C93D4ABC8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE73B7E-F25D-4FF7-A998-CF7F8803FD82} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {40B3AB93-D2CD-4435-9A89-C2BAFF56AE82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC16CD5-9A97-4B53-A03F-98CB08AAB346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD74F803-73AA-4D39-A009-A5B3B5E64C8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B96474D-7710-47F9-A1D1-31B4784808ED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {256FDCB8-8DC5-48A5-87E8-481290ABF7FF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFAF0F7-9648-4E3A-8D9C-840C3BD00E8D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6675C27F-3096-47DC-A842-6A30CFB9D681} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpDomain] home
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-03]
Edge Notifications: Default -> hxxps://freebitco.in
Edge Extension: (Avast Online Security & Privacy) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-11-30]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: jyeb1nyy.default
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\jyeb1nyy.default [2021-08-25]
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release [2024-03-22]
FF Extension: (Tampermonkey) - C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release\Extensions\firefox@tampermonkey.net.xpi [2021-12-13]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-25]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://app.ens.domains; hxxps://drive.google.com; hxxps://freebitco.in; hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lidl.cz; hxxps://www.netflix.com; hxxps://zaletsi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (DuckDuckGo) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13]
CHR Extension: (uBlock Origin) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-24]
CHR Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-12]
CHR Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-03]
CHR Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-01-15]
CHR Extension: (Wayback Machine) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpnmgdkabkmnadcjpehmlllkndpkmiak [2023-11-22]
CHR Extension: (Authy) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2024-02-21]
CHR Extension: (feedly) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2021-02-03]
CHR Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-09-11]
CHR Extension: (SEMOR) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-03]
CHR Extension: (WavesLiteApp) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2021-02-03]
CHR Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2022-05-30]
CHR Extension: (Morpheon Dark) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-03-10]
CHR Extension: (MetaMask) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2024-01-18]
CHR Extension: (Instant Data Scraper) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2024-01-31]
CHR Extension: (Web Server for Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-13]
CHR Extension: (Hlídač Shopů) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-15]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-12]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-10]
BRA Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-11-10]
BRA Extension: (Authenticator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2023-11-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10]
BRA Extension: (Pushbullet) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-11-10]
BRA Extension: (Plasma Integration) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2023-11-10]
BRA Extension: (Simple Auto Scroll) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dccjkemhmffnljlnnoffljpkhkfpldff [2021-02-05]
BRA Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-11-10]
BRA Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-05]
BRA Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-10]
BRA Extension: (Dark Reader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-11-10]
BRA Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-11-10]
BRA Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-11-10]
BRA Extension: (SEMOR) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-05]
BRA Extension: (Bandzone Downloader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2021-02-05]
BRA Extension: (Social Book Post Manager) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-02-05]
BRA Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2023-11-10]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-11-10]
BRA Extension: (Givee.Club - Get games for free!) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2023-11-10]
BRA Extension: (MetaMask) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-11-10]
BRA Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2023-11-10]
BRA Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-10]
BRA Extension: (SEOInfo) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ppbdklaincgliegpfolkjjfncpgobneb [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-10]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-10]
BRA Extension: (Brave NTP background images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-11-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-10]
BRA Extension: (Brave Ads Resources) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-06]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-11-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-11-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\elevation_service.exe [2671128 2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18727360 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2024-01-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [39224 2021-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-06-09] (Microsoft Corporation) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-12] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-07] (Avast Software s.r.o. -> WireGuard LLC)
S3 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv.sys [313112 2019-05-29] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-28] (ESET, spol. s r.o. -> ESET)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-16] (A-Volute -> Windows (R) Win 7 DDK provider)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [32592 2024-01-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 17:32 - 2024-03-25 17:33 - 000047459 _____ C:\Users\zelen\Desktop\FRST.txt
2024-03-25 17:32 - 2024-03-25 17:32 - 000000000 ____D C:\FRST
2024-03-25 17:28 - 2024-03-25 17:31 - 002391552 _____ (Farbar) C:\Users\zelen\Desktop\FRST64.exe
2024-03-21 17:07 - 2024-03-21 17:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-21 16:54 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-21 16:54 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-21 16:54 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-21 16:54 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-21 16:54 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-17 15:45 - 2024-03-17 15:45 - 000000000 ____D C:\Program Files\dotnet
2024-03-13 18:30 - 2024-03-13 18:30 - 000015882 _____ C:\Users\zelen\README.md
2024-03-13 18:30 - 2024-03-13 18:30 - 000005838 _____ C:\Users\zelen\AppData\Local\recently-used.xbel
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 04:38 - 2024-03-13 04:38 - 000000000 ___HD C:\$WinREAgent
2024-03-13 04:33 - 2024-03-13 04:33 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2024-03-12 19:05 - 2024-03-12 19:05 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-03-12 19:05 - 2024-03-12 19:05 - 000000000 ____D C:\Program Files\ENE
2024-03-12 19:04 - 2024-03-12 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2024-03-12 19:04 - 2024-03-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-10 17:26 - 2024-03-10 17:26 - 000000000 ___HD C:\$Windows.~WS
2024-03-09 22:37 - 2024-03-09 22:37 - 000031414 _____ C:\Users\zelen\Downloads\65ec0bf85e355.webp
2024-03-09 11:49 - 2024-03-09 11:49 - 419594592 _____ C:\Users\zelen\Downloads\MOV_0334.mp4
2024-03-09 07:29 - 2024-03-09 07:29 - 000054660 _____ C:\Users\zelen\Downloads\hcdMvnn.jpeg
2024-03-08 05:24 - 2024-03-08 05:24 - 000167537 _____ C:\Users\zelen\Downloads\9238227.pdf
2024-03-06 17:22 - 2024-03-06 17:22 - 000043380 _____ C:\Users\zelen\Downloads\1643672604_1_DF_e65gg31uh8367591.ged
2024-03-06 15:27 - 2024-03-11 04:30 - 000000000 ____D C:\WINDOWS\Panther
2024-03-04 18:47 - 2024-03-04 18:47 - 000685384 _____ (Mobirise.com) C:\Users\zelen\Downloads\MobiriseSetup.exe
2024-03-04 18:43 - 2024-03-06 18:37 - 000000000 ____D C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs
2024-03-04 18:32 - 2024-03-04 18:32 - 005234364 _____ C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs.zip
2024-03-04 05:26 - 2024-03-04 05:26 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-04 05:25 - 2024-03-04 05:25 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-03-03 15:09 - 2024-03-03 15:09 - 000019035 _____ C:\Users\zelen\Downloads\[SkT]Windows_8.1_(64bit)(CZ).torrent
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Tasks.BackupByDriver Booster
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Roaming\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Local\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\ProductData
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\IObit
2024-03-03 09:03 - 2024-03-03 09:05 - 000000000 ____D C:\Users\zelen\Downloads\KMSAuto Lite Portable v1.6.5
2024-03-01 11:43 - 2024-03-01 11:43 - 002498035 _____ C:\Users\zelen\Downloads\Radosovice1.pdf
2024-03-01 10:43 - 2024-03-01 10:43 - 002236790 _____ C:\Users\zelen\Downloads\Radosovice.pdf
2024-03-01 04:04 - 2024-03-01 04:04 - 051062649 _____ C:\Users\zelen\Desktop\SDR Scan ,pá bře 1 2024 04-04-07.DAT
2024-02-29 19:24 - 2024-02-29 19:24 - 000000000 ____D C:\Users\zelen\Downloads\Windows 7 4v1 x86 9.2015 cz-sk
2024-02-29 15:22 - 2024-03-01 04:05 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-02-29 15:22 - 2024-03-01 04:05 - 000001854 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2024-02-29 15:21 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2024-02-29 13:14 - 2024-02-29 13:14 - 000020072 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_SP1_4v1_(x86)(9_2015)(CZ_SK).torrent
2024-02-29 12:59 - 2024-02-29 12:59 - 000038460 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_32-bit_a_64-bit_-_Activated_DVD5.torrent
2024-02-29 10:23 - 2024-02-29 10:23 - 001432648 _____ (Akeo Consulting) C:\Users\zelen\Downloads\rufus-4.4.exe
2024-02-26 22:57 - 2024-02-26 22:57 - 000070612 _____ C:\Users\zelen\Downloads\101129_talkcmmntillu_p886.webp
2024-02-26 09:32 - 2024-02-26 09:32 - 000007110 _____ C:\Users\zelen\Downloads\1000126076-usedlost včetně valů a bývalého tvrziště.xlsx
2024-02-26 09:32 - 2024-02-26 09:32 - 000000000 ____D C:\Users\zelen\AppData\Roaming\NVIDIA
2024-02-25 18:10 - 2024-02-25 18:12 - 000000000 ____D C:\Users\zelen\Downloads\autodraha
2024-02-25 14:15 - 2024-02-25 14:15 - 000015478 _____ C:\Users\zelen\Downloads\[SkT]Windows_10Pro_2009.630_Lite.SE_ML_oprekin.com.iso.torrent
2024-02-24 16:27 - 2024-02-15 17:42 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-24 16:25 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-24 14:58 - 2024-02-24 14:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-24 14:55 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 17:21 - 2021-02-03 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-25 17:02 - 2021-02-27 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-25 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 15:03 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 15:00 - 2023-04-27 19:58 - 000000000 ____D C:\Users\zelen\AppData\Local\LogiBolt
2024-03-25 15:00 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Messenger
2024-03-25 15:00 - 2021-03-26 01:09 - 000002328 _____ C:\Users\zelen\Desktop\MSI companion.lnk
2024-03-25 15:00 - 2021-03-26 01:08 - 000000000 ____D C:\Users\zelen\AppData\Local\Overwolf
2024-03-25 02:58 - 2021-03-03 03:34 - 000000000 ____D C:\Users\zelen\AppData\Roaming\FileZilla
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-23 04:36 - 2022-02-18 00:11 - 000000000 ____D C:\Program Files\RUXIM
2024-03-22 15:43 - 2022-05-11 17:41 - 000659932 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-22 15:43 - 2022-05-11 17:41 - 000136202 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-22 15:43 - 2021-02-27 19:28 - 001562480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-22 15:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-22 15:36 - 2021-05-19 08:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-03-22 15:36 - 2021-05-19 08:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-03-22 15:36 - 2021-02-27 19:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-21 21:24 - 2021-12-17 20:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 21:24 - 2021-02-03 16:08 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-21 21:24 - 2021-02-03 16:08 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-21 17:07 - 2021-02-03 16:48 - 000000000 ____D C:\Users\zelen\AppData\Local\NVIDIA
2024-03-20 20:19 - 2021-02-05 14:16 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-03-20 20:19 - 2021-02-05 14:16 - 000002290 _____ C:\Users\Public\Desktop\Brave.lnk
2024-03-19 19:19 - 2021-03-10 20:51 - 000000000 ____D C:\Users\zelen\AppData\Local\babl-0.1
2024-03-19 19:18 - 2021-02-03 18:23 - 000000000 ____D C:\Users\zelen\AppData\Local\CrashDumps
2024-03-19 19:15 - 2021-02-03 19:00 - 000000000 ____D C:\Users\zelen\AppData\Roaming\vlc
2024-03-19 19:10 - 2021-02-03 18:59 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-18 19:05 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Local\Messenger
2024-03-18 19:05 - 2021-02-03 15:55 - 000000000 ___SD C:\Users\zelen\AppData\Roaming\Microsoft\Credentials
2024-03-18 15:54 - 2022-03-19 08:33 - 000000000 ____D C:\ProgramData\AVG
2024-03-18 15:00 - 2021-02-03 17:22 - 000000000 ____D C:\Users\zelen\AppData\Local\Steam
2024-03-17 15:45 - 2021-02-03 16:01 - 000000000 ____D C:\Users\zelen\AppData\Local\Packages
2024-03-17 15:45 - 2020-06-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-17 15:45 - 2019-10-30 14:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 15:44 - 2021-02-03 16:05 - 000000000 ____D C:\Users\zelen\AppData\Local\PlaceholderTileLogoFolder
2024-03-17 09:54 - 2021-02-03 18:10 - 000000000 ____D C:\Users\zelen\AppData\Local\D3DSCache
2024-03-16 09:28 - 2022-09-18 05:44 - 000000000 ____D C:\Users\zelen\.VirtualBox
2024-03-16 01:29 - 2021-02-03 15:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 01:29 - 2021-02-03 15:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 19:57 - 2024-02-17 02:58 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 19:57 - 2022-10-22 20:36 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 19:57 - 2022-10-22 20:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 19:57 - 2021-11-19 05:11 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 19:57 - 2021-02-03 16:22 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 19:45 - 2022-09-18 05:44 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-14 15:11 - 2021-03-26 01:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-13 18:30 - 2021-03-06 10:50 - 000000000 ____D C:\Users\zelen\.bluefish
2024-03-13 18:30 - 2021-02-27 19:21 - 000000000 ____D C:\Users\zelen
2024-03-13 15:19 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\Intel
2024-03-13 05:30 - 2023-03-16 03:54 - 000644104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 05:30 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 04:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 04:33 - 2021-02-04 09:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 04:33 - 2020-06-04 20:28 - 000000000 ____D C:\MSI
2024-03-13 04:27 - 2021-02-04 09:07 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-12 19:06 - 2020-06-04 20:31 - 000000000 ____D C:\ProgramData\MSI
2024-03-12 19:04 - 2021-02-27 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-12 19:04 - 2020-06-04 20:08 - 000000000 ____D C:\Program Files\Intel
2024-03-11 04:30 - 2021-09-04 10:38 - 000000000 ____D C:\ESD
2024-03-08 17:19 - 2021-03-10 20:57 - 000000000 ____D C:\Users\zelen\AppData\Local\gtk-2.0
2024-03-07 19:10 - 2021-05-14 21:36 - 000000000 ____D C:\Users\zelen\AppData\Local\ElevatedDiagnostics
2024-03-06 18:33 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Mobirise
2024-03-05 15:24 - 2021-02-27 19:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 15:24 - 2021-02-27 19:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 23:17 - 2021-02-21 20:14 - 000000000 ____D C:\ProgramData\Transmission
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\Users\Public\Desktop\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Local\mobirise-updater
2024-03-04 05:27 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-04 01:11 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-04 01:11 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-04 01:11 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-04 01:11 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CodeIntegrityAggregator.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AutomaticAppSignInPolicy.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticDataSettings.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000849280 _____ C:\WINDOWS\system32\aemarebackup.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000225280 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000104448 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutomaticAppSignInPolicy.dll
2024-03-03 23:36 - 2021-02-21 20:13 - 000000000 ____D C:\Users\zelen\AppData\Local\transmission
2024-03-03 18:10 - 2022-09-17 05:05 - 000000000 ____D C:\Users\zelen\AppData\Local\Bluestacks
2024-03-03 18:10 - 2021-03-26 01:09 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-03 15:51 - 2023-02-07 06:22 - 000000206 _____ C:\Users\zelen\Downloads\rufus.ini
2024-02-29 13:44 - 2023-02-07 06:40 - 000000000 ____D C:\Users\zelen\Downloads\Rufus
2024-02-24 16:29 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== Files in the root of some directories ========
2022-03-20 17:01 - 2022-03-20 17:04 - 000108928 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-05 10:29 - 2022-05-07 08:07 - 000034269 _____ () C:\Program Files (x86)\DiskPlayer Setup Log.txt
2022-02-05 10:30 - 2022-02-05 10:30 - 000007597 _____ () C:\Program Files (x86)\DiskPlayer Uninstall Log.txt
2021-08-04 15:16 - 2021-08-04 18:04 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2021-08-04 15:28 - 2021-08-04 15:28 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
2023-08-07 17:34 - 2023-09-11 14:58 - 000000016 _____ () C:\Users\zelen\AppData\Roaming\msregsvv.dll
2021-03-06 10:21 - 2021-03-06 10:21 - 000000128 _____ () C:\Users\zelen\AppData\Local\PUTTY.RND
2024-03-13 18:30 - 2024-03-13 18:30 - 000005838 _____ () C:\Users\zelen\AppData\Local\recently-used.xbel
2021-03-25 01:01 - 2021-03-25 01:01 - 000000017 _____ () C:\Users\zelen\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 17:33:33)
Running from C:\Users\zelen\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-02-27 18:24:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2953557184-4198598645-1749663361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953557184-4198598645-1749663361-503 - Limited - Disabled)
Guest (S-1-5-21-2953557184-4198598645-1749663361-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2953557184-4198598645-1749663361-504 - Limited - Disabled)
Zedko (S-1-5-21-2953557184-4198598645-1749663361-1002 - Limited - Enabled) => C:\Users\Zedko
zelen (S-1-5-21-2953557184-4198598645-1749663361-1001 - Administrator - Enabled) => C:\Users\zelen
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3StepIcon version 1.0.0 (HKLM-x32\...\{44F8E787-21B1-4EED-83A7-37C6998D6F6D}_is1) (Version: 1.0.0 - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AmpliTube 5 version 5.7.0 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
AVG TuneUp (HKLM\...\AVG TuneUp) (Version: 23.4.15807.8938 - AVG)
balenaEtcher 1.10.6 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.6 - Balena Inc.)
Bluefish 2.2.12 (HKLM-x32\...\Bluefish) (Version: 2.2.12 - The Bluefish Developers)
BlueStacks X (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 123.1.64.109 - Autoři prohlížeče Brave)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CMS (HKLM-x32\...\CMS) (Version: - )
DiskPlayer (HKLM-x32\...\DiskPlayer) (Version: - )
Documentation Manager (HKLM\...\{ECFBCE39-F4EE-43C7-8EE7-D28EE703617D}) (Version: 21.90.0.9 - Intel Corporation) Hidden
Dogecoin (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin)
Dynamic Application Loader Host Interface Service (HKLM\...\{9958AC82-2FDD-4124-9A9E-6699BBD044CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EmbeddedIQ Searchmonkey version 3.2.0 (HKLM\...\{89CAA77F-6F11-476C-BA53-3AEA14214E1E}_is1) (Version: 3.2.0 - EmbeddedIQ)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
FileZilla 3.66.5 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
G-EXTRACTOR V.18 INBUILT BROWSER (HKLM-x32\...\{5E64E6DF-BD28-4FCA-B6A1-C795994ADC21}) (Version: 18.0.0 - Tiger Vikram)
GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.131 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HDR projects 5 (64-Bit) (HKLM\...\HDR_PROJECTS_5_2_3BF7CE82_is1) (Version: 5.52 - Franzis Verlag GmbH)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iDealshare VideoGo 6.5.0.7675 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A72FDBD-8AD3-4C27-9A60-FF2837337B71}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{5DD7767A-9935-45D3-A012-5F4707E93AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2007.14.0.1488 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{80C61169-91EF-4104-BECD-CF58486979A3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DA32477F-B10F-4028-A351-98B464F34A2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3C4E6ADF-F07E-4B2B-A674-959EE7CFB887}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{71e5eda7-14f9-4a67-b930-17e31afe19be}) (Version: 21.90.0.9 - Intel Corporation) Hidden
IPCam Admin 3.0.4 (HKLM-x32\...\IPCam Admin Utility_is1) (Version: - OvisLink Technologies Corp.)
IPCam Surveillance Software 3.0.0.8 (HKLM-x32\...\IPCam Surveillance Software_is1) (Version: - OvisLink Technologies Corp.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.11 (64-bit) (HKLM\...\{7383FAC9-7481-5A92-A58B-85830D7B2AD3}) (Version: 11.0.11.0 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.7.2 (HKLM\...\{1CC94CCB-0957-4A62-8B29-D215EDF8D483}) (Version: 7.3.7.2 - The Document Foundation)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Messenger (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 182.0.455264854 - Facebook, Inc.)
Microsoft .NET Host - 8.0.3 (x64) (HKLM\...\{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x64) (HKLM\...\{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x64) (HKLM\...\{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM\...\{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM-x32\...\{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 - Microsoft Corporation)
Mobirise 5.9.13 (HKLM-x32\...\a651c295-23f6-5815-8016-69ff822d3275) (Version: 5.9.13 - Mobirise.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.80.5.1004 - BlueStack Systems, Inc.)
MSI companion (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
Node.js (HKLM\...\{A5930352-39BC-48D0-9F6D-38B984914E5D}) (Version: 14.18.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 3.0.1 - Vaclav Slavik)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8931.1 - Realtek Semiconductor Corp.)
SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.22.561752 - Linden Research, Inc.)
Služba Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 11.0.0.5 - Stellar Information Technology Pvt Ltd.)
Telegram Desktop (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Transmission 3.00 (bb6b5a062e) (HKLM-x32\...\{E98621B6-AA42-4390-93AF-4C3D2C557258}) (Version: 3.00.0 - Transmission Project)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinToUSB verze 5.8 (HKLM\...\WinToUSB_is1) (Version: 5.8 - Hasleo Software.)
WonderFox DVD Video Converter 25.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 25.8 - WonderFox Soft, Inc.)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden
Chrome apps:
============
Google Password Manager (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\0e3d311605493bd78ad4c7dcd1baa0c3) (Version: 1.0 - Google\Chrome)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-10-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
GEDCOM Validator -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.GEDCOMValidator_10.0.2.0_x64__cfn0exghkdxkm [2024-03-17] (Chronoplex Software)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt [2024-03-16] (Meta) [Startup Task]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.2130.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-10-21] (Microsoft Corporation)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.2291.0_x64__8wekyb3d8bbwe [2024-03-11] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-10-21] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2023-10-21] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-21] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-10-21] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.617.655.0_x64__55nm5eh3cm0pr [2024-03-24] (Roblox Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-22] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\zelen\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\Desktop\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Web Server for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c8d89645c188b327\Instant Data Scraper.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofaokhiedipichpaobibbnahnkdoiiah
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
==================== Loaded Modules (Whitelisted) =============
2020-06-04 20:28 - 2005-07-19 04:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Support\unrar.dll
2020-06-04 20:31 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2024-03-12 19:05 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2023-11-20 15:14 - 2023-11-20 15:14 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-03-12 19:05 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2024-03-12 19:05 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-07 21:16 - 2023-10-17 17:48 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
0 606
192.168.137.1 DESKTOP-2K8AIVB.mshome.net # 2028 10 0 15 16 48 45 925
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zelen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper_msi.jpg
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "SharewareOnSale Notifier"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{A7F94DF6-8AAD-4DC6-84DF-DD94640F1D24}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{2016545F-F445-4436-A8B9-0488AB8B1B29}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [{783FBF56-AA5D-41E1-B3DF-E506462E35AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC007AE8-B798-4DCB-B46D-8ABF06EE1E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [UDP Query User{417B87DF-C840-49D0-B781-B482097B2D99}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [TCP Query User{4CBB2619-B8EE-4A0E-B035-48B0988DEB0F}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [UDP Query User{7D7F53D1-5BBE-4CDB-BACC-C6BFDC601242}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{25671E71-F1CD-42D1-91B4-14D49A2D23F9}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [{DF4C2535-A077-4BD4-9E1C-C427F953431D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07579DC1-996F-4F94-B404-93D3CFEFA65D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B656C835-D43D-4332-A195-5A56E2A1A687}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3EF97105-8594-422A-AB76-8E5731A7B2FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EA658D7-F5C6-4670-90FE-AAF469D1E3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F83FE58E-28BA-4912-9A6D-290338C3EF2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{9B465E64-FA8F-49D2-8ED5-0BD3718EB7DF}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A25DD1A-57A7-420F-BEFD-ADDA4A8073BA}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A1D5291-8B49-434F-A587-94725127E2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1D8A7CE9-0F20-4F46-9657-33C6C73E8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{ACAD00D9-DCF8-4F2C-817C-895F2E3F77C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{7A0D71B3-33B9-46D7-992A-1F43AD135D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{F4004CF2-5A1E-45CC-9749-DC4923AF4F18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1878C184-556A-4A24-B637-95474C5B4901}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{165A4F64-AC5A-4E14-AE75-901C6F208A5F}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{91FB25C6-6480-4D95-AC4E-AB6D475B9F1D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A1100A26-8604-4347-A6B2-2A37B577CC06}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{9D489F3E-ACFC-43B1-B8F2-A6FE631E4F7A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{A71D04B6-26BF-4FDF-8DC5-C2A0BB14D056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{9A6DD132-7919-407D-A3D6-BCB2F7B2D4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8AB27AE7-AC22-4F41-8762-C195EC48E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{7B82B96C-2C01-4822-8097-483A8137AD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{8CAA30C7-E97F-4B6D-8612-13F6AB7E2306}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4B6CDE3-7C8A-445D-A400-ECBBAE819603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95A72FAE-CF06-41DA-BEBC-71960F746594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BB518A9-3BDC-4481-9820-6EE157FE760C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F7D20-2308-47D1-BB44-32833E019320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B56FB99-3E30-4A32-A7CD-8EE8B0E6B616}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1147E0FD-8EA4-4C4C-98E0-8EE9CE1CD427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5339570B-3507-415C-9D7C-CB4B2DC87CCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B80191B-5B6C-4E98-8153-187B86C47DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA35A439-9D89-4C9B-B596-63A244F93635}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{B832FCEC-1B2E-4AF7-878D-C64F8A460A34}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AEA9A86B-6786-4F45-8244-1AD21640FEF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6DB1BBC4-2EEE-4125-8777-741DCDDD2102}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B09D785-FFB7-47A7-836B-B53D691FD319}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7C478DA-8BA1-4DA8-B273-63199A45ED60}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3548183A-C0E0-445F-9961-0EC1F5B54F89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6DF90F74-C0D7-4A74-AFEA-E043F1960462}] => (Allow) LPort=32682
FirewallRules: [{D1DD1A97-4048-4AC9-BA47-98D014239516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D20C8D57-BEF9-4436-A814-A82F4820622B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D83D4E71-1B0F-4046-A9C2-28A422EA6860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B32A3-3B05-46F0-B803-6A57A02F390E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D25786FC-038B-4D14-964C-ECAB1B92A1D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB46ED76-7DF9-4D4C-829A-7F2A4DC9D52D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{897DB355-727E-40CF-ABE0-230FB13C643C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF533279-0CD3-4FD8-AB85-C1086A5FCCF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4A56CCF-BCB8-4C5B-9E93-E023D66104FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5317C6E4-1B0A-471D-887B-28DF43CBC615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81A92194-8567-4830-9DFE-441215A9EC6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E8E77AC-E8EC-40FC-9036-4B3DE433C47E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B644E846-A863-4202-8542-428ED7BF565B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D56932E4-D6F6-4ED8-9D01-C3A2E1288FD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (03/21/2024 07:00:33 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (03/21/2024 07:00:33 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (03/21/2024 06:59:02 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-2K8AIVB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/21/2024 06:18:03 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-2K8AIVB)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (03/20/2024 03:14:49 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (03/20/2024 03:14:49 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
System errors:
=============
Error: (03/25/2024 03:00:13 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :S266J90BA13291
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2024 05:27:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2K8AIVB)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2024-03-25 17:01:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 8.00 06/15/2020
Motherboard: Micro-Star International Co., Ltd. MS-B9331
Processor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 40%
Total physical RAM: 16314.08 MB
Available physical RAM: 9732.8 MB
Total Virtual: 22458.08 MB
Available Virtual: 11242.86 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:286.16 GB) (Free:17.32 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive d: (Data) (Fixed) (Total:167.39 GB) (Free:105.96 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive h: (CCCOMA_X86FRE_CS-CZ_DV9) (Fixed) (Total:931.51 GB) (Free:393.5 GB) (Model: TOSHIBA MQ04ABF100 USB Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{631221af-abf1-4d6c-bd93-de9beb888025}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.23 GB) NTFS
\\?\Volume{5356a5cb-377a-49ac-a83a-4eb5d0f3e331}\ (BIOS_RVY) (Fixed) (Total:22.37 GB) (Free:0.69 GB) NTFS
\\?\Volume{944a7564-3713-4d76-942c-e40bd8995cf5}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{d6ecec97-76b8-4b1d-a1ac-c64506e9d8d6}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C03A8003)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 596.2 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 18BBE804)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Procesor stále pořád běží na 100%
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Procesor stále pořád běží na 100%
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Procesor stále pořád běží na 100%
# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.4170)
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Tuneup
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1496 octets] - [25/03/2024 18:14:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-25-2024
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.4170)
# Cleaned: 2
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Tuneup
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1496 octets] - [25/03/2024 18:14:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Procesor stále pořád běží na 100%
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Procesor stále pořád běží na 100%
Zdá se, že je po problému. Procesor už neběží na plno a ventilátor se netočí stále hlučně na plno. Ohromný rozdíl, děkuji. Přikládám logy
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by zelen (administrator) on DESKTOP-2K8AIVB (Micro-Star International Co., Ltd. MAG H410 Infinite S (MS-B933)) (25-03-2024 19:09:17)
Running from C:\Users\zelen\Desktop\FRST64.exe
Loaded Profiles: zelen
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\zelen\AppData\Local\Overwolf\ProcessCache\0.242.1.6\ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd\MSI companion.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <4>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.29.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\Old\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [9849280 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [com.messenger] => "C:\Users\zelen\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [MicrosoftEdgeAutoLaunch_9D9C8361A4AB7D74294FA7EB59596A99] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.131\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\Installer\chrmstp.exe [2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {D1133895-E698-40E6-AF19-4AB92230F36A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {35EACF95-4684-497B-9C6B-73B5894268F2} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4979128 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9a95d750-5df1-45af-9069-5 (the data entry has 11 more characters).
Task: {BF749130-D176-4C79-B1B6-3D1A55B54F52} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7811512 2024-03-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5A137660-8A4E-4D02-9229-8449C1961AAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF408C2F-E0BB-4541-BF7B-B97111114BCB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF505F7F-2365-4B38-9E82-DAB2AE064EEF} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\google\chrome\application\chrome.exe [2772256 2024-03-12] (Google LLC -> Google LLC) -> "hxxp://localhost:1487/cfosspeed/console.htm"
Task: {BE98D0DD-9660-4959-A455-0F69778063CB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {9E27517C-4189-4CA1-BDA7-811F1E3F2A67} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {8997FA2E-6D7D-4CFD-910A-A0F8AB5E66D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-06-09] () [File not signed]
Task: {2A298CEE-C204-4B5A-81F5-3E796DC5637D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Users\zelen\AppData\Local\Programs\Messenger\MessengerHelper.exe [2158328 2023-03-10] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {FC998AE5-FDD7-4AFC-A20A-71C0D4286589} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2169080 2024-03-16] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {69BF3700-02D6-4DE7-933D-26D785B12151} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {6C5D4572-F19C-46D3-A7DE-B23DF6219C58} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4C21F9B7-417E-4B30-8EA9-681C24C1B462} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1C7D70BC-CAE9-4B06-8BCB-9910D12D3C0D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5368F08C-AE42-4CAE-ABBD-5FAED2CC7A06} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {22CA00AB-FE5F-4529-8968-AFEB662D5535} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {A1A9E40D-2563-4DFD-9509-93D22886E5C7} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {7860EE96-2C65-44E4-91AC-6B29512FE2E2} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {DDFDA32B-3577-4B49-BA43-4BBCA1C46257} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {C29C609A-5AC2-42B3-BB2E-AEC20DC6DD93} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F38328-B421-41FF-B035-C73C93D4ABC8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE73B7E-F25D-4FF7-A998-CF7F8803FD82} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {40B3AB93-D2CD-4435-9A89-C2BAFF56AE82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC16CD5-9A97-4B53-A03F-98CB08AAB346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD74F803-73AA-4D39-A009-A5B3B5E64C8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B96474D-7710-47F9-A1D1-31B4784808ED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {256FDCB8-8DC5-48A5-87E8-481290ABF7FF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFAF0F7-9648-4E3A-8D9C-840C3BD00E8D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6675C27F-3096-47DC-A842-6A30CFB9D681} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpDomain] home
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-03]
Edge Notifications: Default -> hxxps://freebitco.in
Edge Extension: (Avast Online Security & Privacy) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-11-30]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: jyeb1nyy.default
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\jyeb1nyy.default [2021-08-25]
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release [2024-03-25]
FF Extension: (Tampermonkey) - C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release\Extensions\firefox@tampermonkey.net.xpi [2021-12-13]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-25]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://app.ens.domains; hxxps://drive.google.com; hxxps://freebitco.in; hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lidl.cz; hxxps://www.netflix.com; hxxps://zaletsi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (DuckDuckGo) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13]
CHR Extension: (uBlock Origin) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-24]
CHR Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-12]
CHR Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-03]
CHR Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-01-15]
CHR Extension: (Wayback Machine) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpnmgdkabkmnadcjpehmlllkndpkmiak [2023-11-22]
CHR Extension: (Authy) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2024-02-21]
CHR Extension: (feedly) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2021-02-03]
CHR Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-09-11]
CHR Extension: (SEMOR) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-03]
CHR Extension: (WavesLiteApp) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2021-02-03]
CHR Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2022-05-30]
CHR Extension: (Morpheon Dark) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-03-10]
CHR Extension: (MetaMask) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2024-01-18]
CHR Extension: (Instant Data Scraper) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2024-01-31]
CHR Extension: (Web Server for Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-13]
CHR Extension: (Hlídač Shopů) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-15]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-12]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-10]
BRA Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-11-10]
BRA Extension: (Authenticator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2023-11-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10]
BRA Extension: (Pushbullet) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-11-10]
BRA Extension: (Plasma Integration) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2023-11-10]
BRA Extension: (Simple Auto Scroll) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dccjkemhmffnljlnnoffljpkhkfpldff [2021-02-05]
BRA Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-11-10]
BRA Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-05]
BRA Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-10]
BRA Extension: (Dark Reader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-11-10]
BRA Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-11-10]
BRA Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-11-10]
BRA Extension: (SEMOR) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-05]
BRA Extension: (Bandzone Downloader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2021-02-05]
BRA Extension: (Social Book Post Manager) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-02-05]
BRA Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2023-11-10]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-11-10]
BRA Extension: (Givee.Club - Get games for free!) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2023-11-10]
BRA Extension: (MetaMask) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-11-10]
BRA Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2023-11-10]
BRA Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-10]
BRA Extension: (SEOInfo) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ppbdklaincgliegpfolkjjfncpgobneb [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-10]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-10]
BRA Extension: (Brave NTP background images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-11-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-10]
BRA Extension: (Brave Ads Resources) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-06]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-11-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-11-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\elevation_service.exe [2671128 2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18727360 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2024-01-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9423680 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [39224 2021-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-06-09] (Microsoft Corporation) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-12] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-07] (Avast Software s.r.o. -> WireGuard LLC)
S3 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv.sys [313112 2019-05-29] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [32592 2024-01-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 18:27 - 2024-03-25 18:27 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-25 18:13 - 2024-03-25 18:14 - 000000000 ____D C:\AdwCleaner
2024-03-25 18:13 - 2024-03-25 18:13 - 008790880 _____ (Malwarebytes) C:\Users\zelen\Desktop\adwcleaner(1).exe
2024-03-25 18:12 - 2024-03-25 18:13 - 008791352 _____ (Malwarebytes) C:\Users\zelen\Desktop\AdwCleaner.exe
2024-03-25 18:04 - 2024-03-25 18:27 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IGDump
2024-03-25 18:03 - 2024-03-25 19:02 - 000000000 ____D C:\Users\zelen\AppData\Local\Malwarebytes
2024-03-25 18:03 - 2024-03-25 18:03 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-25 18:03 - 2024-03-25 18:03 - 000002048 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-25 18:01 - 2024-03-25 18:01 - 002589624 _____ (Malwarebytes) C:\Users\zelen\Desktop\MBSetup.exe
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ C:\Users\zelen\AppData\Local\recently-used.xbel
2024-03-25 17:33 - 2024-03-25 17:36 - 000063824 _____ C:\Users\zelen\Desktop\Addition.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000048856 _____ C:\Users\zelen\Desktop\FRST.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000000000 ____D C:\FRST
2024-03-25 17:28 - 2024-03-25 17:31 - 002391552 _____ (Farbar) C:\Users\zelen\Desktop\FRST64.exe
2024-03-21 17:07 - 2024-03-21 17:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-21 16:54 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-21 16:54 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-21 16:54 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-21 16:54 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-21 16:54 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-17 15:45 - 2024-03-17 15:45 - 000000000 ____D C:\Program Files\dotnet
2024-03-13 18:30 - 2024-03-13 18:30 - 000015882 _____ C:\Users\zelen\README.md
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 04:38 - 2024-03-13 04:38 - 000000000 ___HD C:\$WinREAgent
2024-03-13 04:33 - 2024-03-13 04:33 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2024-03-12 19:05 - 2024-03-12 19:05 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-03-12 19:05 - 2024-03-12 19:05 - 000000000 ____D C:\Program Files\ENE
2024-03-12 19:04 - 2024-03-12 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2024-03-12 19:04 - 2024-03-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-10 17:26 - 2024-03-10 17:26 - 000000000 ___HD C:\$Windows.~WS
2024-03-09 22:37 - 2024-03-09 22:37 - 000031414 _____ C:\Users\zelen\Downloads\65ec0bf85e355.webp
2024-03-09 11:49 - 2024-03-09 11:49 - 419594592 _____ C:\Users\zelen\Downloads\MOV_0334.mp4
2024-03-09 07:29 - 2024-03-09 07:29 - 000054660 _____ C:\Users\zelen\Downloads\hcdMvnn.jpeg
2024-03-08 05:24 - 2024-03-08 05:24 - 000167537 _____ C:\Users\zelen\Downloads\9238227.pdf
2024-03-06 17:22 - 2024-03-06 17:22 - 000043380 _____ C:\Users\zelen\Downloads\1643672604_1_DF_e65gg31uh8367591.ged
2024-03-06 15:27 - 2024-03-11 04:30 - 000000000 ____D C:\WINDOWS\Panther
2024-03-04 18:47 - 2024-03-04 18:47 - 000685384 _____ (Mobirise.com) C:\Users\zelen\Downloads\MobiriseSetup.exe
2024-03-04 18:43 - 2024-03-06 18:37 - 000000000 ____D C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs
2024-03-04 18:32 - 2024-03-04 18:32 - 005234364 _____ C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs.zip
2024-03-04 05:26 - 2024-03-04 05:26 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-04 05:25 - 2024-03-04 05:25 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-03-03 15:09 - 2024-03-03 15:09 - 000019035 _____ C:\Users\zelen\Downloads\[SkT]Windows_8.1_(64bit)(CZ).torrent
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Tasks.BackupByDriver Booster
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Roaming\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Local\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\ProductData
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\IObit
2024-03-03 09:03 - 2024-03-25 18:08 - 000000000 ____D C:\Users\zelen\Downloads\KMSAuto Lite Portable v1.6.5
2024-03-01 11:43 - 2024-03-01 11:43 - 002498035 _____ C:\Users\zelen\Downloads\Radosovice1.pdf
2024-03-01 10:43 - 2024-03-01 10:43 - 002236790 _____ C:\Users\zelen\Downloads\Radosovice.pdf
2024-03-01 04:04 - 2024-03-01 04:04 - 051062649 _____ C:\Users\zelen\Desktop\SDR Scan ,pá bře 1 2024 04-04-07.DAT
2024-02-29 19:24 - 2024-02-29 19:24 - 000000000 ____D C:\Users\zelen\Downloads\Windows 7 4v1 x86 9.2015 cz-sk
2024-02-29 15:22 - 2024-03-01 04:05 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-02-29 15:22 - 2024-03-01 04:05 - 000001854 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2024-02-29 15:21 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2024-02-29 13:14 - 2024-02-29 13:14 - 000020072 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_SP1_4v1_(x86)(9_2015)(CZ_SK).torrent
2024-02-29 12:59 - 2024-02-29 12:59 - 000038460 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_32-bit_a_64-bit_-_Activated_DVD5.torrent
2024-02-29 10:23 - 2024-02-29 10:23 - 001432648 _____ (Akeo Consulting) C:\Users\zelen\Downloads\rufus-4.4.exe
2024-02-26 22:57 - 2024-02-26 22:57 - 000070612 _____ C:\Users\zelen\Downloads\101129_talkcmmntillu_p886.webp
2024-02-26 09:32 - 2024-02-26 09:32 - 000007110 _____ C:\Users\zelen\Downloads\1000126076-usedlost včetně valů a bývalého tvrziště.xlsx
2024-02-26 09:32 - 2024-02-26 09:32 - 000000000 ____D C:\Users\zelen\AppData\Roaming\NVIDIA
2024-02-25 18:10 - 2024-02-25 18:12 - 000000000 ____D C:\Users\zelen\Downloads\autodraha
2024-02-25 14:15 - 2024-02-25 14:15 - 000015478 _____ C:\Users\zelen\Downloads\[SkT]Windows_10Pro_2009.630_Lite.SE_ML_oprekin.com.iso.torrent
2024-02-24 16:27 - 2024-02-15 17:42 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-24 16:25 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-24 14:58 - 2024-02-24 14:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-24 14:55 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 18:58 - 2021-02-03 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 18:33 - 2022-05-11 17:41 - 000659932 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-25 18:33 - 2022-05-11 17:41 - 000136202 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-25 18:33 - 2021-02-27 19:28 - 001562480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-25 18:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-25 18:27 - 2023-04-27 19:58 - 000000000 ____D C:\Users\zelen\AppData\Local\LogiBolt
2024-03-25 18:27 - 2022-03-19 08:33 - 000000000 ____D C:\ProgramData\AVG
2024-03-25 18:27 - 2021-05-19 08:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-03-25 18:27 - 2021-05-19 08:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-03-25 18:27 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Messenger
2024-03-25 18:27 - 2021-03-26 01:09 - 000002328 _____ C:\Users\zelen\Desktop\MSI companion.lnk
2024-03-25 18:27 - 2021-03-26 01:08 - 000000000 ____D C:\Users\zelen\AppData\Local\Overwolf
2024-03-25 18:27 - 2021-02-27 19:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-25 18:27 - 2021-02-27 18:15 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-25 18:27 - 2021-02-03 18:23 - 000000000 ____D C:\Users\zelen\AppData\Local\CrashDumps
2024-03-25 18:27 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 18:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-25 18:03 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-25 18:02 - 2021-03-10 20:51 - 000000000 ____D C:\Users\zelen\AppData\Local\babl-0.1
2024-03-25 17:02 - 2021-02-27 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-25 02:58 - 2021-03-03 03:34 - 000000000 ____D C:\Users\zelen\AppData\Roaming\FileZilla
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-23 04:36 - 2022-02-18 00:11 - 000000000 ____D C:\Program Files\RUXIM
2024-03-21 21:24 - 2021-12-17 20:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 21:24 - 2021-02-03 16:08 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-21 21:24 - 2021-02-03 16:08 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-21 17:07 - 2021-02-03 16:48 - 000000000 ____D C:\Users\zelen\AppData\Local\NVIDIA
2024-03-20 20:19 - 2021-02-05 14:16 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-03-20 20:19 - 2021-02-05 14:16 - 000002290 _____ C:\Users\Public\Desktop\Brave.lnk
2024-03-19 19:15 - 2021-02-03 19:00 - 000000000 ____D C:\Users\zelen\AppData\Roaming\vlc
2024-03-19 19:10 - 2021-02-03 18:59 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-18 19:05 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Local\Messenger
2024-03-18 19:05 - 2021-02-03 15:55 - 000000000 ___SD C:\Users\zelen\AppData\Roaming\Microsoft\Credentials
2024-03-18 15:00 - 2021-02-03 17:22 - 000000000 ____D C:\Users\zelen\AppData\Local\Steam
2024-03-17 15:45 - 2021-02-03 16:01 - 000000000 ____D C:\Users\zelen\AppData\Local\Packages
2024-03-17 15:45 - 2020-06-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-17 15:45 - 2019-10-30 14:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 15:44 - 2021-02-03 16:05 - 000000000 ____D C:\Users\zelen\AppData\Local\PlaceholderTileLogoFolder
2024-03-17 09:54 - 2021-02-03 18:10 - 000000000 ____D C:\Users\zelen\AppData\Local\D3DSCache
2024-03-16 09:28 - 2022-09-18 05:44 - 000000000 ____D C:\Users\zelen\.VirtualBox
2024-03-16 01:29 - 2021-02-03 15:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 01:29 - 2021-02-03 15:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 19:57 - 2024-02-17 02:58 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 19:57 - 2022-10-22 20:36 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 19:57 - 2022-10-22 20:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 19:57 - 2021-11-19 05:11 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 19:57 - 2021-02-03 16:22 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 19:45 - 2022-09-18 05:44 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-14 15:11 - 2021-03-26 01:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-13 18:30 - 2021-03-06 10:50 - 000000000 ____D C:\Users\zelen\.bluefish
2024-03-13 18:30 - 2021-02-27 19:21 - 000000000 ____D C:\Users\zelen
2024-03-13 15:19 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\Intel
2024-03-13 05:30 - 2023-03-16 03:54 - 000644104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 04:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 04:33 - 2021-02-04 09:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 04:33 - 2020-06-04 20:28 - 000000000 ____D C:\MSI
2024-03-13 04:27 - 2021-02-04 09:07 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-12 19:06 - 2020-06-04 20:31 - 000000000 ____D C:\ProgramData\MSI
2024-03-12 19:04 - 2021-02-27 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-12 19:04 - 2020-06-04 20:08 - 000000000 ____D C:\Program Files\Intel
2024-03-11 04:30 - 2021-09-04 10:38 - 000000000 ____D C:\ESD
2024-03-08 17:19 - 2021-03-10 20:57 - 000000000 ____D C:\Users\zelen\AppData\Local\gtk-2.0
2024-03-07 19:10 - 2021-05-14 21:36 - 000000000 ____D C:\Users\zelen\AppData\Local\ElevatedDiagnostics
2024-03-06 18:33 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Mobirise
2024-03-05 15:24 - 2021-02-27 19:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 15:24 - 2021-02-27 19:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 23:17 - 2021-02-21 20:14 - 000000000 ____D C:\ProgramData\Transmission
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\Users\Public\Desktop\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Local\mobirise-updater
2024-03-04 05:27 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-04 01:11 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-04 01:11 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-04 01:11 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-04 01:11 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CodeIntegrityAggregator.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AutomaticAppSignInPolicy.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticDataSettings.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000849280 _____ C:\WINDOWS\system32\aemarebackup.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000225280 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000104448 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutomaticAppSignInPolicy.dll
2024-03-03 23:36 - 2021-02-21 20:13 - 000000000 ____D C:\Users\zelen\AppData\Local\transmission
2024-03-03 18:10 - 2022-09-17 05:05 - 000000000 ____D C:\Users\zelen\AppData\Local\Bluestacks
2024-03-03 18:10 - 2021-03-26 01:09 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-03 15:51 - 2023-02-07 06:22 - 000000206 _____ C:\Users\zelen\Downloads\rufus.ini
2024-02-29 13:44 - 2023-02-07 06:40 - 000000000 ____D C:\Users\zelen\Downloads\Rufus
2024-02-24 16:29 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== Files in the root of some directories ========
2022-03-20 17:01 - 2022-03-20 17:04 - 000108928 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-05 10:29 - 2022-05-07 08:07 - 000034269 _____ () C:\Program Files (x86)\DiskPlayer Setup Log.txt
2022-02-05 10:30 - 2022-02-05 10:30 - 000007597 _____ () C:\Program Files (x86)\DiskPlayer Uninstall Log.txt
2021-08-04 15:16 - 2021-08-04 18:04 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2021-08-04 15:28 - 2021-08-04 15:28 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
2023-08-07 17:34 - 2023-09-11 14:58 - 000000016 _____ () C:\Users\zelen\AppData\Roaming\msregsvv.dll
2021-03-06 10:21 - 2021-03-06 10:21 - 000000128 _____ () C:\Users\zelen\AppData\Local\PUTTY.RND
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ () C:\Users\zelen\AppData\Local\recently-used.xbel
2021-03-25 01:01 - 2021-03-25 01:01 - 000000017 _____ () C:\Users\zelen\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 19:10:28)
Running from C:\Users\zelen\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-02-27 18:24:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2953557184-4198598645-1749663361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953557184-4198598645-1749663361-503 - Limited - Disabled)
Guest (S-1-5-21-2953557184-4198598645-1749663361-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2953557184-4198598645-1749663361-504 - Limited - Disabled)
Zedko (S-1-5-21-2953557184-4198598645-1749663361-1002 - Limited - Enabled) => C:\Users\Zedko
zelen (S-1-5-21-2953557184-4198598645-1749663361-1001 - Administrator - Enabled) => C:\Users\zelen
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3StepIcon version 1.0.0 (HKLM-x32\...\{44F8E787-21B1-4EED-83A7-37C6998D6F6D}_is1) (Version: 1.0.0 - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AmpliTube 5 version 5.7.0 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
balenaEtcher 1.10.6 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.6 - Balena Inc.)
Bluefish 2.2.12 (HKLM-x32\...\Bluefish) (Version: 2.2.12 - The Bluefish Developers)
BlueStacks X (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 123.1.64.109 - Autoři prohlížeče Brave)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CMS (HKLM-x32\...\CMS) (Version: - )
DiskPlayer (HKLM-x32\...\DiskPlayer) (Version: - )
Documentation Manager (HKLM\...\{ECFBCE39-F4EE-43C7-8EE7-D28EE703617D}) (Version: 21.90.0.9 - Intel Corporation) Hidden
Dogecoin (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin)
Dynamic Application Loader Host Interface Service (HKLM\...\{9958AC82-2FDD-4124-9A9E-6699BBD044CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EmbeddedIQ Searchmonkey version 3.2.0 (HKLM\...\{89CAA77F-6F11-476C-BA53-3AEA14214E1E}_is1) (Version: 3.2.0 - EmbeddedIQ)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
FileZilla 3.66.5 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
G-EXTRACTOR V.18 INBUILT BROWSER (HKLM-x32\...\{5E64E6DF-BD28-4FCA-B6A1-C795994ADC21}) (Version: 18.0.0 - Tiger Vikram)
GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.131 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HDR projects 5 (64-Bit) (HKLM\...\HDR_PROJECTS_5_2_3BF7CE82_is1) (Version: 5.52 - Franzis Verlag GmbH)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iDealshare VideoGo 6.5.0.7675 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A72FDBD-8AD3-4C27-9A60-FF2837337B71}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{5DD7767A-9935-45D3-A012-5F4707E93AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2007.14.0.1488 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{80C61169-91EF-4104-BECD-CF58486979A3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DA32477F-B10F-4028-A351-98B464F34A2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3C4E6ADF-F07E-4B2B-A674-959EE7CFB887}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{71e5eda7-14f9-4a67-b930-17e31afe19be}) (Version: 21.90.0.9 - Intel Corporation) Hidden
IPCam Admin 3.0.4 (HKLM-x32\...\IPCam Admin Utility_is1) (Version: - OvisLink Technologies Corp.)
IPCam Surveillance Software 3.0.0.8 (HKLM-x32\...\IPCam Surveillance Software_is1) (Version: - OvisLink Technologies Corp.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.11 (64-bit) (HKLM\...\{7383FAC9-7481-5A92-A58B-85830D7B2AD3}) (Version: 11.0.11.0 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.7.2 (HKLM\...\{1CC94CCB-0957-4A62-8B29-D215EDF8D483}) (Version: 7.3.7.2 - The Document Foundation)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes)
Messenger (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 182.0.455264854 - Facebook, Inc.)
Microsoft .NET Host - 8.0.3 (x64) (HKLM\...\{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x64) (HKLM\...\{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x64) (HKLM\...\{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM\...\{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM-x32\...\{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 - Microsoft Corporation)
Mobirise 5.9.13 (HKLM-x32\...\a651c295-23f6-5815-8016-69ff822d3275) (Version: 5.9.13 - Mobirise.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.80.5.1004 - BlueStack Systems, Inc.)
MSI companion (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
Node.js (HKLM\...\{A5930352-39BC-48D0-9F6D-38B984914E5D}) (Version: 14.18.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 3.0.1 - Vaclav Slavik)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8931.1 - Realtek Semiconductor Corp.)
SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.22.561752 - Linden Research, Inc.)
Služba Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 11.0.0.5 - Stellar Information Technology Pvt Ltd.)
Telegram Desktop (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Transmission 3.00 (bb6b5a062e) (HKLM-x32\...\{E98621B6-AA42-4390-93AF-4C3D2C557258}) (Version: 3.00.0 - Transmission Project)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinToUSB verze 5.8 (HKLM\...\WinToUSB_is1) (Version: 5.8 - Hasleo Software.)
WonderFox DVD Video Converter 25.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 25.8 - WonderFox Soft, Inc.)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden
Chrome apps:
============
Google Password Manager (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\0e3d311605493bd78ad4c7dcd1baa0c3) (Version: 1.0 - Google\Chrome)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-10-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
GEDCOM Validator -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.GEDCOMValidator_10.0.2.0_x64__cfn0exghkdxkm [2024-03-17] (Chronoplex Software)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt [2024-03-16] (Meta) [Startup Task]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.2130.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-10-21] (Microsoft Corporation)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.2291.0_x64__8wekyb3d8bbwe [2024-03-11] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-10-21] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2023-10-21] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-21] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-10-21] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.617.655.0_x64__55nm5eh3cm0pr [2024-03-24] (Roblox Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-22] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\zelen\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\Desktop\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Web Server for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c8d89645c188b327\Instant Data Scraper.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofaokhiedipichpaobibbnahnkdoiiah
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
==================== Loaded Modules (Whitelisted) =============
2020-06-04 20:31 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2024-03-12 19:05 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2023-11-20 15:14 - 2023-11-20 15:14 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-03-12 19:05 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2024-03-12 19:05 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-07 21:16 - 2023-10-17 17:48 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
0 606
192.168.137.1 DESKTOP-2K8AIVB.mshome.net # 2028 10 0 15 16 48 45 925
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zelen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper_msi.jpg
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "SharewareOnSale Notifier"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{A7F94DF6-8AAD-4DC6-84DF-DD94640F1D24}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{2016545F-F445-4436-A8B9-0488AB8B1B29}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [{783FBF56-AA5D-41E1-B3DF-E506462E35AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC007AE8-B798-4DCB-B46D-8ABF06EE1E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [UDP Query User{417B87DF-C840-49D0-B781-B482097B2D99}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [TCP Query User{4CBB2619-B8EE-4A0E-B035-48B0988DEB0F}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [UDP Query User{7D7F53D1-5BBE-4CDB-BACC-C6BFDC601242}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{25671E71-F1CD-42D1-91B4-14D49A2D23F9}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [{DF4C2535-A077-4BD4-9E1C-C427F953431D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07579DC1-996F-4F94-B404-93D3CFEFA65D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B656C835-D43D-4332-A195-5A56E2A1A687}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3EF97105-8594-422A-AB76-8E5731A7B2FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EA658D7-F5C6-4670-90FE-AAF469D1E3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F83FE58E-28BA-4912-9A6D-290338C3EF2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{9B465E64-FA8F-49D2-8ED5-0BD3718EB7DF}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A25DD1A-57A7-420F-BEFD-ADDA4A8073BA}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A1D5291-8B49-434F-A587-94725127E2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1D8A7CE9-0F20-4F46-9657-33C6C73E8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{ACAD00D9-DCF8-4F2C-817C-895F2E3F77C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{7A0D71B3-33B9-46D7-992A-1F43AD135D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{F4004CF2-5A1E-45CC-9749-DC4923AF4F18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1878C184-556A-4A24-B637-95474C5B4901}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{165A4F64-AC5A-4E14-AE75-901C6F208A5F}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{91FB25C6-6480-4D95-AC4E-AB6D475B9F1D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A1100A26-8604-4347-A6B2-2A37B577CC06}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{9D489F3E-ACFC-43B1-B8F2-A6FE631E4F7A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{A71D04B6-26BF-4FDF-8DC5-C2A0BB14D056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{9A6DD132-7919-407D-A3D6-BCB2F7B2D4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8AB27AE7-AC22-4F41-8762-C195EC48E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{7B82B96C-2C01-4822-8097-483A8137AD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{8CAA30C7-E97F-4B6D-8612-13F6AB7E2306}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4B6CDE3-7C8A-445D-A400-ECBBAE819603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95A72FAE-CF06-41DA-BEBC-71960F746594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BB518A9-3BDC-4481-9820-6EE157FE760C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F7D20-2308-47D1-BB44-32833E019320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B56FB99-3E30-4A32-A7CD-8EE8B0E6B616}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1147E0FD-8EA4-4C4C-98E0-8EE9CE1CD427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5339570B-3507-415C-9D7C-CB4B2DC87CCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B80191B-5B6C-4E98-8153-187B86C47DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA35A439-9D89-4C9B-B596-63A244F93635}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{B832FCEC-1B2E-4AF7-878D-C64F8A460A34}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AEA9A86B-6786-4F45-8244-1AD21640FEF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6DB1BBC4-2EEE-4125-8777-741DCDDD2102}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B09D785-FFB7-47A7-836B-B53D691FD319}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7C478DA-8BA1-4DA8-B273-63199A45ED60}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3548183A-C0E0-445F-9961-0EC1F5B54F89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D1DD1A97-4048-4AC9-BA47-98D014239516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D20C8D57-BEF9-4436-A814-A82F4820622B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D83D4E71-1B0F-4046-A9C2-28A422EA6860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B32A3-3B05-46F0-B803-6A57A02F390E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D25786FC-038B-4D14-964C-ECAB1B92A1D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB46ED76-7DF9-4D4C-829A-7F2A4DC9D52D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{897DB355-727E-40CF-ABE0-230FB13C643C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF533279-0CD3-4FD8-AB85-C1086A5FCCF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4A56CCF-BCB8-4C5B-9E93-E023D66104FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5317C6E4-1B0A-471D-887B-28DF43CBC615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81A92194-8567-4830-9DFE-441215A9EC6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E8E77AC-E8EC-40FC-9036-4B3DE433C47E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B644E846-A863-4202-8542-428ED7BF565B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D56932E4-D6F6-4ED8-9D01-C3A2E1288FD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{561C3B9E-2122-4D91-81C8-507E032A04B9}] => (Allow) LPort=32682
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (03/25/2024 06:27:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-2K8AIVB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/25/2024 06:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.3636, časové razítko: 0xe9186526
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x2d38
Čas spuštění chybující aplikace: 0x01da7ed9ab1793f1
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a3abc357-30eb-4ae6-a96b-71c46a73846e
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (03/25/2024 06:26:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (03/25/2024 06:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Malwarebytes.exe, verze: 5.0.0.752, časové razítko: 0x64b073ea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x4714
Čas spuštění chybující aplikace: 0x01da7ed65faf06d4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8c56dcbf-462a-4daf-b1a7-09e980b2b570
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/25/2024 06:10:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Malwarebytes.exe
CoreCLR Version: 6.0.2523.51912
.NET Version: 6.0.25
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.ExternalException (0x800401D0): Požadovaná operace se schránkou se nezdařila.
at System.Windows.Forms.Clipboard.SetDataObject(Object data, Boolean copy, Int32 retryTimes, Int32 retryDelay)
at System.Windows.Forms.Clipboard.SetText(String text, TextDataFormat format)
at System.Windows.Forms.Clipboard.SetText(String text)
at MbamUI.ViewModels.ScanReportViewModel.OnCopyToClipboard()
at Prism.Commands.DelegateCommand.Execute()
at Prism.Commands.DelegateCommand.Execute(Object parameter)
at Prism.Commands.DelegateCommandBase.System.Windows.Input.ICommand.Execute(Object parameter)
at Prism.Interactivity.InvokeCommandAction.Invoke(Object parameter)
at Microsoft.Xaml.Behaviors.TriggerBase.InvokeActions(Object parameter)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEvent(EventArgs eventArgs)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEventImpl(Object sender, EventArgs eventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport)
at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel)
at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(Object ignore)
at System.Windows.Application.RunInternal(Window window)
at System.Windows.Application.Run()
at MbamUI.App.Main()
Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
System errors:
=============
Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (120000 ms).
Error: (03/25/2024 06:27:14 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1033) (User: NT AUTHORITY)
Description: Potentially revoked boot manager was detected in EFI partition. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:26:56 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :S266J90BA13291
Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG TuneUp byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
CodeIntegrity:
===============
Date: 2024-03-25 19:08:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-03-25 19:01:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 8.00 06/15/2020
Motherboard: Micro-Star International Co., Ltd. MS-B9331
Processor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 38%
Total physical RAM: 16314.08 MB
Available physical RAM: 10091.68 MB
Total Virtual: 21946.08 MB
Available Virtual: 13497.43 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:286.16 GB) (Free:10.87 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive d: (Data) (Fixed) (Total:167.39 GB) (Free:111.96 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive h: (CCCOMA_X86FRE_CS-CZ_DV9) (Fixed) (Total:931.51 GB) (Free:393.5 GB) (Model: TOSHIBA MQ04ABF100 USB Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{631221af-abf1-4d6c-bd93-de9beb888025}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.23 GB) NTFS
\\?\Volume{5356a5cb-377a-49ac-a83a-4eb5d0f3e331}\ (BIOS_RVY) (Fixed) (Total:22.37 GB) (Free:0.69 GB) NTFS
\\?\Volume{944a7564-3713-4d76-942c-e40bd8995cf5}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{d6ecec97-76b8-4b1d-a1ac-c64506e9d8d6}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C03A8003)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 596.2 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 18BBE804)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25.03.2024
Ran by zelen (administrator) on DESKTOP-2K8AIVB (Micro-Star International Co., Ltd. MAG H410 Infinite S (MS-B933)) (25-03-2024 19:09:17)
Running from C:\Users\zelen\Desktop\FRST64.exe
Loaded Profiles: zelen
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(A-Volute SAS -> A-Volute) C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.242.1.6\OverwolfHelper64.exe
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe <4>
(C:\Program Files (x86)\Overwolf\Overwolf.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\zelen\AppData\Local\Overwolf\ProcessCache\0.242.1.6\ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd\MSI companion.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <4>
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2402.1001.29.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_e43ec0fd38c7d43c\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (21E1B422-257A-44A2-9C8F-379165856473 -> ) C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm\Nahimic3.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\Speed Up\StorageMonitor.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\One Dragon Center\True Color\Old\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControlEngine.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618320 2022-11-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [9849280 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1789960 2024-03-10] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [com.messenger] => "C:\Users\zelen\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [MicrosoftEdgeAutoLaunch_9D9C8361A4AB7D74294FA7EB59596A99] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\122.0.6261.131\Installer\chrmstp.exe [2024-03-21] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\Installer\chrmstp.exe [2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {D1133895-E698-40E6-AF19-4AB92230F36A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {35EACF95-4684-497B-9C6B-73B5894268F2} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4979128 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\TuneUp\log" --guid 9a95d750-5df1-45af-9069-5 (the data entry has 11 more characters).
Task: {BF749130-D176-4C79-B1B6-3D1A55B54F52} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [7811512 2024-03-14] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {5A137660-8A4E-4D02-9229-8449C1961AAA} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {CF408C2F-E0BB-4541-BF7B-B97111114BCB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BF505F7F-2365-4B38-9E82-DAB2AE064EEF} - System32\Tasks\cFos\Registration Tasks\Open Browser => c:\program files\google\chrome\application\chrome.exe [2772256 2024-03-12] (Google LLC -> Google LLC) -> "hxxp://localhost:1487/cfosspeed/console.htm"
Task: {BE98D0DD-9660-4959-A455-0F69778063CB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5610344 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {9E27517C-4189-4CA1-BDA7-811F1E3F2A67} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2064744 2021-01-19] (Intel(R) Production Software -> Intel Corporation)
Task: {8997FA2E-6D7D-4CFD-910A-A0F8AB5E66D6} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2113024 2023-06-09] () [File not signed]
Task: {2A298CEE-C204-4B5A-81F5-3E796DC5637D} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Users\zelen\AppData\Local\Programs\Messenger\MessengerHelper.exe [2158328 2023-03-10] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {FC998AE5-FDD7-4AFC-A20A-71C0D4286589} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2953557184-4198598645-1749663361-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2169080 2024-03-16] (6E08453F-9BA7-4311-999C-D22FBA2FB1B8 -> Meta Platforms, Inc.)
Task: {69BF3700-02D6-4DE7-933D-26D785B12151} - System32\Tasks\MSI Task Host - ControlVoiceBoost => C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\ControlVoiceBoost.exe [30384 2019-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {6C5D4572-F19C-46D3-A7DE-B23DF6219C58} - System32\Tasks\MSI Task Host - Detect_Monitor => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {4C21F9B7-417E-4B30-8EA9-681C24C1B462} - System32\Tasks\MSI Task Host - DisplayID => C:\Program Files (x86)\MSI\One Dragon Center\MSI.NotifyServer.exe [102712 2021-07-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {1C7D70BC-CAE9-4B06-8BCB-9910D12D3C0D} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LEDKeeper2.exe [1822824 2023-10-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5368F08C-AE42-4CAE-ABBD-5FAED2CC7A06} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {22CA00AB-FE5F-4529-8968-AFEB662D5535} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1117352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {A1A9E40D-2563-4DFD-9509-93D22886E5C7} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1437352 2024-01-01] (A-Volute SAS -> Nahimic)
Task: {7860EE96-2C65-44E4-91AC-6B29512FE2E2} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1117352 ] (A-Volute SAS -> Nahimic)
Task: {DDFDA32B-3577-4B49-BA43-4BBCA1C46257} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1437352 ] (A-Volute SAS -> Nahimic)
Task: {C29C609A-5AC2-42B3-BB2E-AEC20DC6DD93} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {86F38328-B421-41FF-B035-C73C93D4ABC8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AAE73B7E-F25D-4FF7-A998-CF7F8803FD82} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {40B3AB93-D2CD-4435-9A89-C2BAFF56AE82} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CC16CD5-9A97-4B53-A03F-98CB08AAB346} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD74F803-73AA-4D39-A009-A5B3B5E64C8D} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B96474D-7710-47F9-A1D1-31B4784808ED} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {256FDCB8-8DC5-48A5-87E8-481290ABF7FF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6AFAF0F7-9648-4E3A-8D9C-840C3BD00E8D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {6675C27F-3096-47DC-A842-6A30CFB9D681} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6ecb7c76-c0a4-4ba9-99c4-395c04bd17ff}: [DhcpDomain] home
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d81f6edf-470e-4b70-942e-4f5b2cae3c47}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-03]
Edge Notifications: Default -> hxxps://freebitco.in
Edge Extension: (Avast Online Security & Privacy) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2023-06-16]
Edge Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2023-11-30]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: jyeb1nyy.default
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\jyeb1nyy.default [2021-08-25]
FF ProfilePath: C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release [2024-03-25]
FF Extension: (Tampermonkey) - C:\Users\zelen\AppData\Roaming\Mozilla\Firefox\Profiles\o2lcqec9.default-release\Extensions\firefox@tampermonkey.net.xpi [2021-12-13]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2024-03-25]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default [2024-03-25]
CHR Notifications: Default -> hxxps://app.ens.domains; hxxps://drive.google.com; hxxps://freebitco.in; hxxps://mail.google.com; hxxps://twitter.com; hxxps://www.aliexpress.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.lidl.cz; hxxps://www.netflix.com; hxxps://zaletsi.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-22]
CHR Extension: (DuckDuckGo) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-03-13]
CHR Extension: (uBlock Origin) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-02-24]
CHR Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2024-01-12]
CHR Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-03]
CHR Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-13]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2024-01-15]
CHR Extension: (Wayback Machine) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpnmgdkabkmnadcjpehmlllkndpkmiak [2023-11-22]
CHR Extension: (Authy) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2021-02-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
CHR Extension: (Wappalyzer - Technology profiler) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2024-02-21]
CHR Extension: (feedly) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2021-02-03]
CHR Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-09-11]
CHR Extension: (SEMOR) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-03]
CHR Extension: (WavesLiteApp) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfmcaklajknfekomaflnhkjjkcjabogm [2021-02-03]
CHR Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2022-05-30]
CHR Extension: (Morpheon Dark) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Ghostery Tracker Ad Blocker - Privacy AdBlock) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2024-03-10]
CHR Extension: (MetaMask) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2024-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2024-01-18]
CHR Extension: (Instant Data Scraper) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofaokhiedipichpaobibbnahnkdoiiah [2024-01-31]
CHR Extension: (Web Server for Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofhbbkphhbklhfoeikjpcbhemlocgigb [2021-04-07]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-13]
CHR Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-13]
CHR Extension: (Hlídač Shopů) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-03-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-15]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-12]
CHR Profile: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\System Profile [2024-03-25]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-10]
BRA Extension: (Překladač Google) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-11-10]
BRA Extension: (Authenticator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2023-11-10]
BRA Extension: (Adblock Plus - free ad blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-10]
BRA Extension: (Pushbullet) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-11-10]
BRA Extension: (Plasma Integration) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cimiefiiaegbelhefglklhhakcgmhkai [2023-11-10]
BRA Extension: (Simple Auto Scroll) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dccjkemhmffnljlnnoffljpkhkfpldff [2021-02-05]
BRA Extension: (Tampermonkey) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-11-10]
BRA Extension: (uMatrix development build) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eckgcipdkhcfghnmincccnhpdmnbefki [2021-02-05]
BRA Extension: (VT4Browsers) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efbjojhplkelaegfbieplglfidafgoka [2023-11-10]
BRA Extension: (Dark Reader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-11-10]
BRA Extension: (Stylish - Custom themes for any website) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2023-11-10]
BRA Extension: (Social Fixer for Facebook) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2023-11-10]
BRA Extension: (SEMOR) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\igcjcgdkngjanadjligggkimempkknnp [2021-02-05]
BRA Extension: (Bandzone Downloader) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kdolellaicjnehmfidkjkkehmkkapngp [2021-02-05]
BRA Extension: (Social Book Post Manager) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-02-05]
BRA Extension: (dlvr.it) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lnbmafaeknhpeabpppkieambfcnlcipb [2023-11-10]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-11-10]
BRA Extension: (Givee.Club - Get games for free!) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\modkgipgommbdobanfinadelfafeiadk [2023-11-10]
BRA Extension: (MetaMask) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2023-11-10]
BRA Extension: (AMP Validator) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nmoffdblmcmgeicmolmhobpoocbbmknc [2023-11-10]
BRA Extension: (Amino: Live CSS Editor) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\pbcpfbcibpcbfbmddogfhcijfpboeaaf [2023-11-10]
BRA Extension: (SEOInfo) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ppbdklaincgliegpfolkjjfncpgobneb [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-10]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-10]
BRA Extension: (Brave NTP background images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-11-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-11-06]
BRA Extension: (Brave NTP sponsored images) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-10]
BRA Extension: (Brave Ads Resources) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-11-10]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-11-06]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-11-10]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2021-11-06]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\zelen\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-11-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\123.1.64.109\elevation_service.exe [2671128 2024-03-20] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162384 2021-02-05] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [602376 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [18727360 2024-03-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2539384 2024-01-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3890064 2024-01-24] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
R2 LightKeeperService; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\LightKeeperService.exe [86776 2020-12-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9423680 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\FoundationService\MSIAPService.exe [75216 2020-09-23] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 MSI_Central_Service; C:\Program Files (x86)\MSI\One Dragon Center\MSI_Central_Service.exe [147088 2020-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\One Dragon Center\Game_Summary\MSI_Companion_Service.exe [143160 2021-03-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\MSI_Super_Charger_Service.exe [39224 2021-04-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\One Dragon Center\VoiceControl\VoiceControl_Service.exe [36152 2021-08-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Mystic_Light_Service.exe [39760 2021-05-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NahimicService; C:\WINDOWS\system32\NahimicService.exe [1909416 2024-01-01] (A-Volute SAS -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579272 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497808 2022-08-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2642952 2024-03-10] (Overwolf Ltd -> Overwolf LTD)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3595776 2021-06-09] (Microsoft Corporation) [File not signed]
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [749640 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2021-02-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-03-12] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-07] (Avast Software s.r.o. -> WireGuard LLC)
S3 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv.sys [313112 2019-05-29] (Bluestack Systems, Inc. -> Bluestack System Inc.)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 cFosSpeed; C:\WINDOWS\system32\DRIVERS\cfosspeed6.sys [1695016 2021-07-29] (cFos Software GmbH -> cFos Software GmbH)
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [29208 2024-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [215616 2023-11-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [120032 2023-11-28] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [254344 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55528 2023-11-28] (ESET, spol. s r.o. -> ESET)
R2 EneTechIo; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\EneIo64.sys [32504 2022-07-10] (ENE TECHNOLOGY INC. -> )
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81824 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [124168 2023-11-28] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_skl.inf_amd64_2a35efc43f1a612e\iaLPSS2_GPIO2_ICL.sys [132872 2020-04-27] (Intel Corporation -> Intel Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 Nahimic_Mirroring; C:\WINDOWS\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-16] (A-Volute -> Windows (R) Win 7 DDK provider)
S3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\One Dragon Center\Lib\SYS\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\One Dragon Center\Super_Charger\NTIOLib_X64.sys [32592 2024-01-02] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\NTIOLib_X64.sys [32488 2023-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [109504 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [46016 2018-11-27] (Paragon Software GmbH -> Paragon Software GmbH)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [242632 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [252536 2022-10-11] (Oracle Corporation -> Oracle Corporation)
R1 VBoxSup; C:\WINDOWS\system32\DRIVERS\VBoxSup.sys [1082080 2022-10-11] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2021-02-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 18:27 - 2024-03-25 18:27 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-25 18:13 - 2024-03-25 18:14 - 000000000 ____D C:\AdwCleaner
2024-03-25 18:13 - 2024-03-25 18:13 - 008790880 _____ (Malwarebytes) C:\Users\zelen\Desktop\adwcleaner(1).exe
2024-03-25 18:12 - 2024-03-25 18:13 - 008791352 _____ (Malwarebytes) C:\Users\zelen\Desktop\AdwCleaner.exe
2024-03-25 18:04 - 2024-03-25 18:27 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IGDump
2024-03-25 18:03 - 2024-03-25 19:02 - 000000000 ____D C:\Users\zelen\AppData\Local\Malwarebytes
2024-03-25 18:03 - 2024-03-25 18:03 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-25 18:03 - 2024-03-25 18:03 - 000002048 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-25 18:02 - 2024-03-25 18:02 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-25 18:01 - 2024-03-25 18:01 - 002589624 _____ (Malwarebytes) C:\Users\zelen\Desktop\MBSetup.exe
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ C:\Users\zelen\AppData\Local\recently-used.xbel
2024-03-25 17:33 - 2024-03-25 17:36 - 000063824 _____ C:\Users\zelen\Desktop\Addition.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000048856 _____ C:\Users\zelen\Desktop\FRST.txt
2024-03-25 17:32 - 2024-03-25 19:09 - 000000000 ____D C:\FRST
2024-03-25 17:28 - 2024-03-25 17:31 - 002391552 _____ (Farbar) C:\Users\zelen\Desktop\FRST64.exe
2024-03-21 17:07 - 2024-03-21 17:07 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 002031360 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001578856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-03-21 16:55 - 2024-03-13 18:36 - 001488008 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001445224 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001295208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-03-21 16:55 - 2024-03-13 18:36 - 001226760 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 001046152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000670344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-03-21 16:54 - 2024-03-13 18:28 - 000505352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001543176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-03-21 16:54 - 2024-03-13 18:27 - 001199624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 002174072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001626760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 001024136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-03-21 16:54 - 2024-03-13 18:26 - 000841840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-03-21 16:54 - 2024-03-13 18:26 - 000787592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 016034440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 012929144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 006780960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 003721224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-03-21 16:54 - 2024-03-13 18:25 - 000459912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-03-21 16:54 - 2024-03-13 18:24 - 005913096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-03-21 16:54 - 2024-03-13 18:24 - 005773344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-03-21 16:54 - 2024-03-13 18:23 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-03-21 16:54 - 2024-03-13 06:29 - 000119399 _____ C:\WINDOWS\system32\nvinfo.pb
2024-03-17 15:45 - 2024-03-17 15:45 - 000000000 ____D C:\Program Files\dotnet
2024-03-13 18:30 - 2024-03-13 18:30 - 000015882 _____ C:\Users\zelen\README.md
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 04:44 - 2024-03-13 04:44 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 04:38 - 2024-03-13 04:38 - 000000000 ___HD C:\$WinREAgent
2024-03-13 04:33 - 2024-03-13 04:33 - 000003236 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - ControlVoiceBoost
2024-03-12 19:05 - 2024-03-12 19:05 - 000003190 _____ C:\WINDOWS\system32\Tasks\MSI Task Host - LEDKeeper2_Host
2024-03-12 19:05 - 2024-03-12 19:05 - 000000000 ____D C:\Program Files\ENE
2024-03-12 19:04 - 2024-03-12 19:04 - 000002685 _____ C:\Users\Public\Desktop\Intel(R) Extreme Tuning Utility.lnk
2024-03-12 19:04 - 2024-03-12 19:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2024-03-10 17:26 - 2024-03-10 17:26 - 000000000 ___HD C:\$Windows.~WS
2024-03-09 22:37 - 2024-03-09 22:37 - 000031414 _____ C:\Users\zelen\Downloads\65ec0bf85e355.webp
2024-03-09 11:49 - 2024-03-09 11:49 - 419594592 _____ C:\Users\zelen\Downloads\MOV_0334.mp4
2024-03-09 07:29 - 2024-03-09 07:29 - 000054660 _____ C:\Users\zelen\Downloads\hcdMvnn.jpeg
2024-03-08 05:24 - 2024-03-08 05:24 - 000167537 _____ C:\Users\zelen\Downloads\9238227.pdf
2024-03-06 17:22 - 2024-03-06 17:22 - 000043380 _____ C:\Users\zelen\Downloads\1643672604_1_DF_e65gg31uh8367591.ged
2024-03-06 15:27 - 2024-03-11 04:30 - 000000000 ____D C:\WINDOWS\Panther
2024-03-04 18:47 - 2024-03-04 18:47 - 000685384 _____ (Mobirise.com) C:\Users\zelen\Downloads\MobiriseSetup.exe
2024-03-04 18:43 - 2024-03-06 18:37 - 000000000 ____D C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs
2024-03-04 18:32 - 2024-03-04 18:32 - 005234364 _____ C:\Users\zelen\Downloads\RPRFFnzCKPIl6TBCZPxGs.zip
2024-03-04 05:26 - 2024-03-04 05:26 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-04 05:25 - 2024-03-04 05:25 - 000000270 __RSH C:\ProgramData\ntuser.pol
2024-03-03 15:09 - 2024-03-03 15:09 - 000019035 _____ C:\Users\zelen\Downloads\[SkT]Windows_8.1_(64bit)(CZ).torrent
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Tasks.BackupByDriver Booster
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\WINDOWS\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Roaming\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\LocalLow\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\Users\zelen\AppData\Local\IObit
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\ProductData
2024-03-03 10:59 - 2024-03-03 10:59 - 000000000 ____D C:\ProgramData\IObit
2024-03-03 09:03 - 2024-03-25 18:08 - 000000000 ____D C:\Users\zelen\Downloads\KMSAuto Lite Portable v1.6.5
2024-03-01 11:43 - 2024-03-01 11:43 - 002498035 _____ C:\Users\zelen\Downloads\Radosovice1.pdf
2024-03-01 10:43 - 2024-03-01 10:43 - 002236790 _____ C:\Users\zelen\Downloads\Radosovice.pdf
2024-03-01 04:04 - 2024-03-01 04:04 - 051062649 _____ C:\Users\zelen\Desktop\SDR Scan ,pá bře 1 2024 04-04-07.DAT
2024-02-29 19:24 - 2024-02-29 19:24 - 000000000 ____D C:\Users\zelen\Downloads\Windows 7 4v1 x86 9.2015 cz-sk
2024-02-29 15:22 - 2024-03-01 04:05 - 000003300 _____ C:\WINDOWS\system32\Tasks\klcp_update
2024-02-29 15:22 - 2024-03-01 04:05 - 000001854 _____ C:\Users\Public\Desktop\Stellar Data Recovery.lnk
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellar Data Recovery
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2024-02-29 15:22 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2024-02-29 15:21 - 2024-03-01 04:05 - 000000000 ____D C:\Program Files\Stellar Data Recovery
2024-02-29 13:14 - 2024-02-29 13:14 - 000020072 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_SP1_4v1_(x86)(9_2015)(CZ_SK).torrent
2024-02-29 12:59 - 2024-02-29 12:59 - 000038460 _____ C:\Users\zelen\Downloads\[SkT]Windows_7_32-bit_a_64-bit_-_Activated_DVD5.torrent
2024-02-29 10:23 - 2024-02-29 10:23 - 001432648 _____ (Akeo Consulting) C:\Users\zelen\Downloads\rufus-4.4.exe
2024-02-26 22:57 - 2024-02-26 22:57 - 000070612 _____ C:\Users\zelen\Downloads\101129_talkcmmntillu_p886.webp
2024-02-26 09:32 - 2024-02-26 09:32 - 000007110 _____ C:\Users\zelen\Downloads\1000126076-usedlost včetně valů a bývalého tvrziště.xlsx
2024-02-26 09:32 - 2024-02-26 09:32 - 000000000 ____D C:\Users\zelen\AppData\Roaming\NVIDIA
2024-02-25 18:10 - 2024-02-25 18:12 - 000000000 ____D C:\Users\zelen\Downloads\autodraha
2024-02-25 14:15 - 2024-02-25 14:15 - 000015478 _____ C:\Users\zelen\Downloads\[SkT]Windows_10Pro_2009.630_Lite.SE_ML_oprekin.com.iso.torrent
2024-02-24 16:27 - 2024-02-15 17:42 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-02-24 16:25 - 2024-03-13 18:21 - 006033568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-24 14:58 - 2024-02-24 14:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-02-24 14:55 - 2024-03-13 18:22 - 006946400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-03-25 18:58 - 2021-02-03 17:21 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-25 18:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-25 18:33 - 2022-05-11 17:41 - 000659932 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-25 18:33 - 2022-05-11 17:41 - 000136202 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-25 18:33 - 2021-02-27 19:28 - 001562480 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-25 18:33 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-25 18:27 - 2023-04-27 19:58 - 000000000 ____D C:\Users\zelen\AppData\Local\LogiBolt
2024-03-25 18:27 - 2022-03-19 08:33 - 000000000 ____D C:\ProgramData\AVG
2024-03-25 18:27 - 2021-05-19 08:18 - 000003108 _____ C:\WINDOWS\system32\Tasks\NahimicTask32
2024-03-25 18:27 - 2021-05-19 08:18 - 000003088 _____ C:\WINDOWS\system32\Tasks\NahimicTask64
2024-03-25 18:27 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Messenger
2024-03-25 18:27 - 2021-03-26 01:09 - 000002328 _____ C:\Users\zelen\Desktop\MSI companion.lnk
2024-03-25 18:27 - 2021-03-26 01:08 - 000000000 ____D C:\Users\zelen\AppData\Local\Overwolf
2024-03-25 18:27 - 2021-02-27 19:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-25 18:27 - 2021-02-27 18:15 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-25 18:27 - 2021-02-03 18:23 - 000000000 ____D C:\Users\zelen\AppData\Local\CrashDumps
2024-03-25 18:27 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-25 18:26 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-25 18:03 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-25 18:02 - 2021-03-10 20:51 - 000000000 ____D C:\Users\zelen\AppData\Local\babl-0.1
2024-03-25 17:02 - 2021-02-27 19:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-25 02:58 - 2021-03-03 03:34 - 000000000 ____D C:\Users\zelen\AppData\Roaming\FileZilla
2024-03-24 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-23 04:36 - 2022-02-18 00:11 - 000000000 ____D C:\Program Files\RUXIM
2024-03-21 21:24 - 2021-12-17 20:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 21:24 - 2021-02-03 16:08 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-21 21:24 - 2021-02-03 16:08 - 000002173 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-21 17:07 - 2021-02-03 16:48 - 000000000 ____D C:\Users\zelen\AppData\Local\NVIDIA
2024-03-20 20:19 - 2021-02-05 14:16 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2024-03-20 20:19 - 2021-02-05 14:16 - 000002290 _____ C:\Users\Public\Desktop\Brave.lnk
2024-03-19 19:15 - 2021-02-03 19:00 - 000000000 ____D C:\Users\zelen\AppData\Roaming\vlc
2024-03-19 19:10 - 2021-02-03 18:59 - 000000883 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-03-18 19:05 - 2021-05-17 18:28 - 000000000 ____D C:\Users\zelen\AppData\Local\Messenger
2024-03-18 19:05 - 2021-02-03 15:55 - 000000000 ___SD C:\Users\zelen\AppData\Roaming\Microsoft\Credentials
2024-03-18 15:00 - 2021-02-03 17:22 - 000000000 ____D C:\Users\zelen\AppData\Local\Steam
2024-03-17 15:45 - 2021-02-03 16:01 - 000000000 ____D C:\Users\zelen\AppData\Local\Packages
2024-03-17 15:45 - 2020-06-04 20:08 - 000000000 ____D C:\ProgramData\Package Cache
2024-03-17 15:45 - 2019-10-30 14:46 - 000000000 ____D C:\ProgramData\Packages
2024-03-17 15:44 - 2021-02-03 16:05 - 000000000 ____D C:\Users\zelen\AppData\Local\PlaceholderTileLogoFolder
2024-03-17 09:54 - 2021-02-03 18:10 - 000000000 ____D C:\Users\zelen\AppData\Local\D3DSCache
2024-03-16 09:28 - 2022-09-18 05:44 - 000000000 ____D C:\Users\zelen\.VirtualBox
2024-03-16 01:29 - 2021-02-03 15:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 01:29 - 2021-02-03 15:50 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 19:57 - 2024-02-17 02:58 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_4.dll
2024-03-15 19:57 - 2022-10-22 20:36 - 000108136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2024-03-15 19:57 - 2022-10-22 20:36 - 000075368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2024-03-15 19:57 - 2021-11-19 05:11 - 000206440 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2024-03-15 19:57 - 2021-02-03 16:22 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 002709096 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000706152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2024-03-15 19:57 - 2021-02-03 16:17 - 000218728 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2024-03-15 19:45 - 2022-09-18 05:44 - 000000000 ____D C:\ProgramData\VirtualBox
2024-03-14 15:11 - 2021-03-26 01:09 - 000000000 ____D C:\Program Files (x86)\Overwolf
2024-03-13 18:30 - 2021-03-06 10:50 - 000000000 ____D C:\Users\zelen\.bluefish
2024-03-13 18:30 - 2021-02-27 19:21 - 000000000 ____D C:\Users\zelen
2024-03-13 15:19 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\Intel
2024-03-13 05:30 - 2023-03-16 03:54 - 000644104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2024-03-13 05:29 - 2021-02-27 18:04 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 05:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 05:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 04:47 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 04:33 - 2021-02-04 09:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 04:33 - 2020-06-04 20:28 - 000000000 ____D C:\MSI
2024-03-13 04:27 - 2021-02-04 09:07 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-12 19:06 - 2020-06-04 20:31 - 000000000 ____D C:\ProgramData\MSI
2024-03-12 19:04 - 2021-02-27 19:24 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-03-12 19:04 - 2020-06-04 20:08 - 000000000 ____D C:\Program Files\Intel
2024-03-11 04:30 - 2021-09-04 10:38 - 000000000 ____D C:\ESD
2024-03-08 17:19 - 2021-03-10 20:57 - 000000000 ____D C:\Users\zelen\AppData\Local\gtk-2.0
2024-03-07 19:10 - 2021-05-14 21:36 - 000000000 ____D C:\Users\zelen\AppData\Local\ElevatedDiagnostics
2024-03-06 18:33 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Mobirise
2024-03-05 15:24 - 2021-02-27 19:24 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 15:24 - 2021-02-27 19:24 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-04 23:17 - 2021-02-21 20:14 - 000000000 ____D C:\ProgramData\Transmission
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\Users\Public\Desktop\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobirise.lnk
2024-03-04 18:48 - 2021-03-10 06:38 - 000000000 ____D C:\Users\zelen\AppData\Local\mobirise-updater
2024-03-04 05:27 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-03-04 05:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-03-04 05:26 - 2019-12-07 15:41 - 000000000 ____D C:\WINDOWS\system32\cs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-03-04 05:26 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-03-04 01:11 - 2019-12-07 15:44 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-03-04 01:11 - 2019-12-07 15:44 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-03-04 01:11 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2024-03-04 01:11 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CodeIntegrityAggregator.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AutomaticAppSignInPolicy.dll
2024-03-04 01:10 - 2024-02-22 19:27 - 000034112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DiagnosticDataSettings.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000849280 _____ C:\WINDOWS\system32\aemarebackup.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccount.TokenProvider.Core.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000225280 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000104448 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2024-03-04 01:10 - 2024-02-22 19:26 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AutomaticAppSignInPolicy.dll
2024-03-03 23:36 - 2021-02-21 20:13 - 000000000 ____D C:\Users\zelen\AppData\Local\transmission
2024-03-03 18:10 - 2022-09-17 05:05 - 000000000 ____D C:\Users\zelen\AppData\Local\Bluestacks
2024-03-03 18:10 - 2021-03-26 01:09 - 000000000 ____D C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2024-03-03 15:51 - 2023-02-07 06:22 - 000000206 _____ C:\Users\zelen\Downloads\rufus.ini
2024-02-29 13:44 - 2023-02-07 06:40 - 000000000 ____D C:\Users\zelen\Downloads\Rufus
2024-02-24 16:29 - 2020-06-04 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
==================== Files in the root of some directories ========
2022-03-20 17:01 - 2022-03-20 17:04 - 000108928 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-05 10:29 - 2022-05-07 08:07 - 000034269 _____ () C:\Program Files (x86)\DiskPlayer Setup Log.txt
2022-02-05 10:30 - 2022-02-05 10:30 - 000007597 _____ () C:\Program Files (x86)\DiskPlayer Uninstall Log.txt
2021-08-04 15:16 - 2021-08-04 18:04 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2021-08-04 15:28 - 2021-08-04 15:28 - 000000012 _____ () C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
2023-08-07 17:34 - 2023-09-11 14:58 - 000000016 _____ () C:\Users\zelen\AppData\Roaming\msregsvv.dll
2021-03-06 10:21 - 2021-03-06 10:21 - 000000128 _____ () C:\Users\zelen\AppData\Local\PUTTY.RND
2024-03-25 17:57 - 2024-03-25 17:57 - 000005249 _____ () C:\Users\zelen\AppData\Local\recently-used.xbel
2021-03-25 01:01 - 2021-03-25 01:01 - 000000017 _____ () C:\Users\zelen\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 19:10:28)
Running from C:\Users\zelen\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-02-27 18:24:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2953557184-4198598645-1749663361-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2953557184-4198598645-1749663361-503 - Limited - Disabled)
Guest (S-1-5-21-2953557184-4198598645-1749663361-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2953557184-4198598645-1749663361-504 - Limited - Disabled)
Zedko (S-1-5-21-2953557184-4198598645-1749663361-1002 - Limited - Enabled) => C:\Users\Zedko
zelen (S-1-5-21-2953557184-4198598645-1749663361-1001 - Administrator - Enabled) => C:\Users\zelen
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3StepIcon version 1.0.0 (HKLM-x32\...\{44F8E787-21B1-4EED-83A7-37C6998D6F6D}_is1) (Version: 1.0.0 - )
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.01 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2201-000001000000}) (Version: 22.01.00.0 - Igor Pavlov)
AmpliTube 5 version 5.7.0 (HKLM\...\{D831D61F-EBF5-4158-AEE1-F58A7B8C04C8}_is1) (Version: 5.7.0 - IK Multimedia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.15 - tippach engineering)
balenaEtcher 1.10.6 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.10.6 - Balena Inc.)
Bluefish 2.2.12 (HKLM-x32\...\Bluefish) (Version: 2.2.12 - The Bluefish Developers)
BlueStacks X (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\BlueStacks X) (Version: 0.18.30.9 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 123.1.64.109 - Autoři prohlížeče Brave)
cFosSpeed 12.01 (HKLM\...\cFosSpeed) (Version: 12.01 - cFos Software GmbH, Bonn)
CMS (HKLM-x32\...\CMS) (Version: - )
DiskPlayer (HKLM-x32\...\DiskPlayer) (Version: - )
Documentation Manager (HKLM\...\{ECFBCE39-F4EE-43C7-8EE7-D28EE703617D}) (Version: 21.90.0.9 - Intel Corporation) Hidden
Dogecoin (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Dogecoin) (Version: 1.5.1.0 - Dogecoin)
Dynamic Application Loader Host Interface Service (HKLM\...\{9958AC82-2FDD-4124-9A9E-6699BBD044CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EmbeddedIQ Searchmonkey version 3.2.0 (HKLM\...\{89CAA77F-6F11-476C-BA53-3AEA14214E1E}_is1) (Version: 3.2.0 - EmbeddedIQ)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{cb8809b0-c2ad-40f3-80c7-8ebf6c6f8f63}) (Version: 1.0.3.31 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{7c1089bb-6d30-4461-a52c-65839a41d745}) (Version: 1.0.9.10 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{209F4B4B-3DF2-4825-9906-D4D6A80EC09E}) (Version: 1.3.0.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 17.0.16.0 - ESET, spol. s r.o.)
FileZilla 3.66.5 (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\FileZilla Client) (Version: 3.66.5 - Tim Kosse)
G-EXTRACTOR V.18 INBUILT BROWSER (HKLM-x32\...\{5E64E6DF-BD28-4FCA-B6A1-C795994ADC21}) (Version: 18.0.0 - Tiger Vikram)
GIMP 2.10.32 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 122.0.6261.131 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.101.0 - Google LLC) Hidden
HDR projects 5 (64-Bit) (HKLM\...\HDR_PROJECTS_5_2_3BF7CE82_is1) (Version: 5.52 - Franzis Verlag GmbH)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iDealshare VideoGo 6.5.0.7675 (HKLM-x32\...\{CC4C06C4-7C78-4AAB-B5AF-33FB11CCD850}_is1) (Version: - iDealshare Corporation)
IK Product Manager 1.0.5 (HKLM\...\a401809f-3509-5ed7-a6dc-34dc618bf372) (Version: 1.0.5 - IK Multimedia)
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{96d90b75-794d-49b2-9c6a-fb35a86c32a1}) (Version: 7.3.0.33 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{9796DAAB-D3AD-4FA4-B8F3-6061DBBE1352}) (Version: 10.1.18295.8201 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{b666e502-9089-483b-9816-0774ccc9cb61}) (Version: 10.1.18295.8201 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A72FDBD-8AD3-4C27-9A60-FF2837337B71}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{5DD7767A-9935-45D3-A012-5F4707E93AC5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2007.14.0.1488 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{80C61169-91EF-4104-BECD-CF58486979A3}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{DA32477F-B10F-4028-A351-98B464F34A2F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{3C4E6ADF-F07E-4B2B-A674-959EE7CFB887}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000080-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.80.0.3 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{71e5eda7-14f9-4a67-b930-17e31afe19be}) (Version: 21.90.0.9 - Intel Corporation) Hidden
IPCam Admin 3.0.4 (HKLM-x32\...\IPCam Admin Utility_is1) (Version: - OvisLink Technologies Corp.)
IPCam Surveillance Software 3.0.0.8 (HKLM-x32\...\IPCam Surveillance Software_is1) (Version: - OvisLink Technologies Corp.)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Java(TM) SE Development Kit 11.0.11 (64-bit) (HKLM\...\{7383FAC9-7481-5A92-A58B-85830D7B2AD3}) (Version: 11.0.11.0 - Oracle Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
K-Lite Codec Pack 17.6.6 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 17.6.6 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 7.3.7.2 (HKLM\...\{1CC94CCB-0957-4A62-8B29-D215EDF8D483}) (Version: 7.3.7.2 - The Document Foundation)
Logi Bolt (HKLM\...\LogiBolt) (Version: 1.2.6024.0 - Logi)
Logitech Options (HKLM\...\LogiOptions) (Version: 9.70.68 - Logitech)
Malwarebytes version 5.1.0.102 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.0.102 - Malwarebytes)
Messenger (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 182.0.455264854 - Facebook, Inc.)
Microsoft .NET Host - 8.0.3 (x64) (HKLM\...\{0511E062-77E0-4F80-ABA3-0F99B9EF8C4B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.3 (x64) (HKLM\...\{E79D3B29-C9A2-42D5-8703-85B73C452D8B}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.3 (x64) (HKLM\...\{D98088DE-EDA4-4E1A-BF0F-ED9A9145CC70}) (Version: 64.12.10343 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 122.0.2365.92 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{1F2B6AF3-C260-8666-5950-E3FEDBC851D6}) (Version: 10.1.22621.3036 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\...\OneDriveSetup.exe) (Version: 24.015.0121.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.31.31103 (HKLM-x32\...\{2aaf1df0-eb13-4099-9992-962bb4e596d1}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.31.31103 (HKLM\...\{A977984B-9244-49E3-BD24-43F0A8009667}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.31.31103 (HKLM\...\{A181A302-3F6D-4BAD-97A8-A426A6499D78}) (Version: 14.31.31103 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM\...\{CE0906F2-6C11-4A2B-880B-AFB92474B13E}) (Version: 64.12.10377 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.3 (x64) (HKLM-x32\...\{fb8f4657-2b60-4298-b83e-aaccb07ef793}) (Version: 8.0.3.33416 - Microsoft Corporation)
Mobirise 5.9.13 (HKLM-x32\...\a651c295-23f6-5815-8016-69ff822d3275) (Version: 5.9.13 - Mobirise.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.0.2 - Mozilla)
MSI App Player (HKLM\...\BlueStacks_msi2) (Version: 4.80.5.1004 - BlueStack Systems, Inc.)
MSI companion (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\Overwolf_ddlhcmnbjcondncokaaocnpbhbmhchohknbhpnbd) (Version: 2.0.39 - Overwolf app)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.1110.01 - MSI)
Node.js (HKLM\...\{A5930352-39BC-48D0-9F6D-38B984914E5D}) (Version: 14.18.0 - Node.js Foundation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 551.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.86 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA USBC Driver 1.50.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.50.831.832 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Oracle VM VirtualBox 6.1.40 (HKLM\...\{43A0F3F1-1A26-43F3-ABD6-30E8A54D407E}) (Version: 6.1.40 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.115.51547 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.242.1.6 - Overwolf Ltd.)
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM\...\{14EEF044-2FC6-40AA-9285-F430B3D90EF6}) (Version: 17.10.2.5049 - Paragon Software) Hidden
Paragon Hard Disk Manager™ 25 Anniversary LE (HKLM-x32\...\{f541ba6a-92bf-466b-b956-5efa58ffe017}) (Version: 17.10.2.5049 - Paragon Software GmbH)
Paragon UIM (HKLM\...\{06B4D67B-9ECB-41E5-B4C1-92F529BB703D}) (Version: 24.65.0.487 - Paragon Software) Hidden
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 3.0.1 - Vaclav Slavik)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8931.1 - Realtek Semiconductor Corp.)
SecondLifeViewer (HKLM\...\SecondLifeViewer) (Version: 6.4.22.561752 - Linden Research, Inc.)
Služba Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Data Recovery (HKLM\...\Stellar Data Recovery_is1) (Version: 11.0.0.5 - Stellar Information Technology Pvt Ltd.)
Telegram Desktop (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 4.11.1 - Telegram FZ-LLC)
Transmission 3.00 (bb6b5a062e) (HKLM-x32\...\{E98621B6-AA42-4390-93AF-4C3D2C557258}) (Version: 3.00.0 - Transmission Project)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinToUSB verze 5.8 (HKLM\...\WinToUSB_is1) (Version: 5.8 - Hasleo Software.)
WonderFox DVD Video Converter 25.8 (HKLM-x32\...\WonderFox DVD Video Converter) (Version: 25.8 - WonderFox Soft, Inc.)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden
Chrome apps:
============
Google Password Manager (HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\0e3d311605493bd78ad4c7dcd1baa0c3) (Version: 1.0 - Google\Chrome)
Packages:
=========
7-Zip File Manager (Unofficial) -> C:\Program Files\WindowsApps\HaukeGtze.7-ZipFileManagerUnofficial_1.2201.1.0_x64__6bk20wvc8rfx2 [2022-12-30] (Hauke Hasselberg)
AudioDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.AudioDirectorforMSI_7.0.9105.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
ColorDirector for MSI -> C:\Program Files\WindowsApps\CyberLink.ColorDirectorforMSI_5.0.8107.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.21.269.0_x64__rz1tebttyb220 [2024-03-21] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-10-28] (Microsoft Corporation)
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.121.0_x64__kzh8wxbdkxb8p [2023-10-21] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
GEDCOM Validator -> C:\Program Files\WindowsApps\5864ChronoplexSoftware.GEDCOMValidator_10.0.2.0_x64__cfn0exghkdxkm [2024-03-17] (Chronoplex Software)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2070.12.228.0_x64__8xx8rvfyw5nnt [2024-03-16] (Meta) [Startup Task]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.7.1181.0_x86__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.5.2130.0_x64__8wekyb3d8bbwe [2024-02-29] (Microsoft Studios) [MS Ad]
Microsoft Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3012.0_x64__8wekyb3d8bbwe [2023-10-21] (Microsoft Corporation)
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.9.2291.0_x64__8wekyb3d8bbwe [2024-03-11] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2023-10-21] (MAGIX)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.9.22.0_x64__w2gh52qy24etm [2023-10-21] (A-Volute)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-03-21] (NVIDIA Corp.)
PhotoDirector 10 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PhotoDirector10EssentialforMSI_10.0.2326.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
PowerDirector 17 Essential for MSI -> C:\Program Files\WindowsApps\CyberLink.PowerDirector17EssentialforMSI_17.0.2712.0_x64__jtmmp2jxy9gb6 [2023-10-21] (CyberLink)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.38.277.0_x64__dt26b99r8h8gj [2023-10-21] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.617.655.0_x64__55nm5eh3cm0pr [2024-03-24] (Roblox Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0 [2024-03-22] (Spotify AB) [Startup Task]
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2024-02-01] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\zelen\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
CustomCLSID: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001_Classes\CLSID\{FD848478-65F5-4F01-ACD9-69195EC3631F}\localserver32 -> C:\Program Files\cFosSpeed\cfosspeed.exe (cFos Software GmbH -> cFos Software GmbH)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_509c7440ad905b9c\nvshext.dll [2024-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-01-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2024-03-25] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\zelen\Desktop\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\Desktop\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\Desktop\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\Desktop\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Authy.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=gaedmjdfmmahhbjefcbgaolhhanlaolb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Developers.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nbijalpneffngbkfkdikjeolmphefghm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Kalendář akcí Luděk Blovský.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=dgbchiokgdepijhnlecgdhbbnocdkcep
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\WavesLiteApp.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kfmcaklajknfekomaflnhkjjkcjabogm
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Web Server for Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofhbbkphhbklhfoeikjpcbhemlocgigb
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Password Manager.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\c8d89645c188b327\Instant Data Scraper.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=ofaokhiedipichpaobibbnahnkdoiiah
ShortcutWithArgument: C:\Users\zelen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\6ddfdda7e648aa1f\MetaMask.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nkbihfbeogaeaoehlefnkodbefgpgknn
==================== Loaded Modules (Whitelisted) =============
2020-06-04 20:31 - 2018-11-23 07:01 - 000344576 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Voice Boost\YooMixCOM.dll
2024-03-12 19:05 - 2018-11-15 14:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\IcMSIDll.dll
2023-11-20 15:14 - 2023-11-20 15:14 - 005855744 _____ (ESET, spol. s r.o. -> ESET) [File not signed] C:\Program Files\ESET\ESET Security\Modules\em045_64\1087\em045_64.dll
2022-07-15 18:00 - 2022-07-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-03-12 19:05 - 2018-08-31 07:26 - 000053760 _____ (MS) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\MsIo32_Galax.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-02-10 12:45 - 2021-12-22 21:03 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-11-05 09:35 - 2021-12-22 21:03 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2024-03-12 19:05 - 2016-10-04 04:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\One Dragon Center\Mystic_Light\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2021-02-07 21:16 - 2023-10-17 17:48 - 000000526 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
0 606
192.168.137.1 DESKTOP-2K8AIVB.mshome.net # 2028 10 0 15 16 48 45 925
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files\nodejs\;C:\Program Files\dotnet\
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zelen\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper_msi.jpg
HKU\S-1-5-21-2953557184-4198598645-1749663361-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: cFosSpeed for faster Internet connections (NDIS 6) -> cfosspeed (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "SharewareOnSale Notifier"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "Software Informer"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{A7F94DF6-8AAD-4DC6-84DF-DD94640F1D24}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{2016545F-F445-4436-A8B9-0488AB8B1B29}C:\program files (x86)\transmission\transmission-qt.exe] => (Allow) C:\program files (x86)\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [{783FBF56-AA5D-41E1-B3DF-E506462E35AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC007AE8-B798-4DCB-B46D-8ABF06EE1E81}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [UDP Query User{417B87DF-C840-49D0-B781-B482097B2D99}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [TCP Query User{4CBB2619-B8EE-4A0E-B035-48B0988DEB0F}C:\program files\secondlifeviewer\llplugin\dullahan_host.exe] => (Allow) C:\program files\secondlifeviewer\llplugin\dullahan_host.exe (Linden Research Inc -> )
FirewallRules: [UDP Query User{7D7F53D1-5BBE-4CDB-BACC-C6BFDC601242}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [TCP Query User{25671E71-F1CD-42D1-91B4-14D49A2D23F9}C:\program files\secondlifeviewer\slvoice.exe] => (Allow) C:\program files\secondlifeviewer\slvoice.exe () [File not signed]
FirewallRules: [{DF4C2535-A077-4BD4-9E1C-C427F953431D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{07579DC1-996F-4F94-B404-93D3CFEFA65D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B656C835-D43D-4332-A195-5A56E2A1A687}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3EF97105-8594-422A-AB76-8E5731A7B2FC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{6EA658D7-F5C6-4670-90FE-AAF469D1E3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F83FE58E-28BA-4912-9A6D-290338C3EF2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{9B465E64-FA8F-49D2-8ED5-0BD3718EB7DF}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A25DD1A-57A7-420F-BEFD-ADDA4A8073BA}] => (Allow) D:\SteamLibrary\steamapps\common\GALAXIUM\GALAXIUM.exe () [File not signed]
FirewallRules: [{9A1D5291-8B49-434F-A587-94725127E2EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{1D8A7CE9-0F20-4F46-9657-33C6C73E8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{ACAD00D9-DCF8-4F2C-817C-895F2E3F77C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{7A0D71B3-33B9-46D7-992A-1F43AD135D0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Intergalactic Bubbles\Intergalactic Bubbles.exe () [File not signed]
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{F4004CF2-5A1E-45CC-9749-DC4923AF4F18}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1878C184-556A-4A24-B637-95474C5B4901}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{165A4F64-AC5A-4E14-AE75-901C6F208A5F}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{91FB25C6-6480-4D95-AC4E-AB6D475B9F1D}] => (Allow) C:\Program Files\AVG\TuneUp\TuneupUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A1100A26-8604-4347-A6B2-2A37B577CC06}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{9D489F3E-ACFC-43B1-B8F2-A6FE631E4F7A}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{A71D04B6-26BF-4FDF-8DC5-C2A0BB14D056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{9A6DD132-7919-407D-A3D6-BCB2F7B2D4A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{8AB27AE7-AC22-4F41-8762-C195EC48E72B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{7B82B96C-2C01-4822-8097-483A8137AD9D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{8CAA30C7-E97F-4B6D-8612-13F6AB7E2306}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{E4B6CDE3-7C8A-445D-A400-ECBBAE819603}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95A72FAE-CF06-41DA-BEBC-71960F746594}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BB518A9-3BDC-4481-9820-6EE157FE760C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F7D20-2308-47D1-BB44-32833E019320}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.106.3212.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0B56FB99-3E30-4A32-A7CD-8EE8B0E6B616}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1147E0FD-8EA4-4C4C-98E0-8EE9CE1CD427}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5339570B-3507-415C-9D7C-CB4B2DC87CCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B80191B-5B6C-4E98-8153-187B86C47DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA35A439-9D89-4C9B-B596-63A244F93635}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{B832FCEC-1B2E-4AF7-878D-C64F8A460A34}] => (Allow) D:\SteamLibrary\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe (TECHLAND SP Z O O -> Techland)
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AEA9A86B-6786-4F45-8244-1AD21640FEF4}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{6DB1BBC4-2EEE-4125-8777-741DCDDD2102}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.1.6\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8B09D785-FFB7-47A7-836B-B53D691FD319}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7C478DA-8BA1-4DA8-B273-63199A45ED60}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{3548183A-C0E0-445F-9961-0EC1F5B54F89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D1DD1A97-4048-4AC9-BA47-98D014239516}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D20C8D57-BEF9-4436-A814-A82F4820622B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D83D4E71-1B0F-4046-A9C2-28A422EA6860}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4D1B32A3-3B05-46F0-B803-6A57A02F390E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D25786FC-038B-4D14-964C-ECAB1B92A1D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AB46ED76-7DF9-4D4C-829A-7F2A4DC9D52D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{897DB355-727E-40CF-ABE0-230FB13C643C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BF533279-0CD3-4FD8-AB85-C1086A5FCCF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A4A56CCF-BCB8-4C5B-9E93-E023D66104FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5317C6E4-1B0A-471D-887B-28DF43CBC615}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.233.1042.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{81A92194-8567-4830-9DFE-441215A9EC6D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E8E77AC-E8EC-40FC-9036-4B3DE433C47E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B644E846-A863-4202-8542-428ED7BF565B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D56932E4-D6F6-4ED8-9D01-C3A2E1288FD4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.114.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{561C3B9E-2122-4D91-81C8-507E032A04B9}] => (Allow) LPort=32682
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
Error: (03/25/2024 06:29:13 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (03/25/2024 06:27:42 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: DESKTOP-2K8AIVB)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (03/25/2024 06:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.3636, časové razítko: 0xe9186526
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d952
ID chybujícího procesu: 0x2d38
Čas spuštění chybující aplikace: 0x01da7ed9ab1793f1
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: a3abc357-30eb-4ae6-a96b-71c46a73846e
Úplný název chybujícího balíčku: Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
Error: (03/25/2024 06:26:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (03/25/2024 06:10:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Malwarebytes.exe, verze: 5.0.0.752, časové razítko: 0x64b073ea
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3996, časové razítko: 0xb756c9ff
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x4714
Čas spuštění chybující aplikace: 0x01da7ed65faf06d4
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8c56dcbf-462a-4daf-b1a7-09e980b2b570
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/25/2024 06:10:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Malwarebytes.exe
CoreCLR Version: 6.0.2523.51912
.NET Version: 6.0.25
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.ExternalException (0x800401D0): Požadovaná operace se schránkou se nezdařila.
at System.Windows.Forms.Clipboard.SetDataObject(Object data, Boolean copy, Int32 retryTimes, Int32 retryDelay)
at System.Windows.Forms.Clipboard.SetText(String text, TextDataFormat format)
at System.Windows.Forms.Clipboard.SetText(String text)
at MbamUI.ViewModels.ScanReportViewModel.OnCopyToClipboard()
at Prism.Commands.DelegateCommand.Execute()
at Prism.Commands.DelegateCommand.Execute(Object parameter)
at Prism.Commands.DelegateCommandBase.System.Windows.Input.ICommand.Execute(Object parameter)
at Prism.Interactivity.InvokeCommandAction.Invoke(Object parameter)
at Microsoft.Xaml.Behaviors.TriggerBase.InvokeActions(Object parameter)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEvent(EventArgs eventArgs)
at Microsoft.Xaml.Behaviors.EventTriggerBase.OnEventImpl(Object sender, EventArgs eventArgs)
at System.Windows.RoutedEventArgs.InvokeHandler(Delegate handler, Object target)
at System.Windows.EventRoute.InvokeHandlersImpl(Object source, RoutedEventArgs args, Boolean reRaised)
at System.Windows.UIElement.RaiseEventImpl(DependencyObject sender, RoutedEventArgs args)
at System.Windows.UIElement.RaiseTrustedEvent(RoutedEventArgs args)
at System.Windows.Input.InputManager.ProcessStagingArea()
at System.Windows.Input.InputProviderSite.ReportInput(InputReport inputReport)
at System.Windows.Interop.HwndMouseInputProvider.ReportInput(IntPtr hwnd, InputMode mode, Int32 timestamp, RawMouseActions actions, Int32 x, Int32 y, Int32 wheel)
at System.Windows.Interop.HwndMouseInputProvider.FilterMessage(IntPtr hwnd, WindowMessage msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at System.Windows.Interop.HwndSource.InputFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Int32 numArgs, Delegate catchHandler)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(DispatcherPriority priority, TimeSpan timeout, Delegate method, Object args, Int32 numArgs)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam)
at MS.Win32.UnsafeNativeMethods.DispatchMessage(MSG& msg)
at System.Windows.Threading.Dispatcher.PushFrameImpl(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.PushFrame(DispatcherFrame frame)
at System.Windows.Threading.Dispatcher.Run()
at System.Windows.Application.RunDispatcher(Object ignore)
at System.Windows.Application.RunInternal(Window window)
at System.Windows.Application.Run()
at MbamUI.App.Main()
Error: (03/22/2024 03:38:53 PM) (Source: SecurityCenter) (EventID: 19) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu AntiVirusProduct z úložiště dat.
System errors:
=============
Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (03/25/2024 06:29:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (120000 ms).
Error: (03/25/2024 06:27:14 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1033) (User: NT AUTHORITY)
Description: Potentially revoked boot manager was detected in EFI partition. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba GameInput Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.
Error: (03/25/2024 06:27:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba GameInput Service byla ukončena s následující chybou:
Složený soubor GameInput Service byl vytvořen s novější verzi úložného prostoru.
Error: (03/25/2024 06:26:56 PM) (Source: iaStorAC) (EventID: 4102) (User: )
Description: Error log: Smart event occured on disk :S266J90BA13291
Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/25/2024 06:19:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG TuneUp byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
CodeIntegrity:
===============
Date: 2024-03-25 19:08:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2024-03-25 19:01:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 8.00 06/15/2020
Motherboard: Micro-Star International Co., Ltd. MS-B9331
Processor: Intel(R) Core(TM) i5-10400F CPU @ 2.90GHz
Percentage of memory in use: 38%
Total physical RAM: 16314.08 MB
Available physical RAM: 10091.68 MB
Total Virtual: 21946.08 MB
Available Virtual: 13497.43 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:286.16 GB) (Free:10.87 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive d: (Data) (Fixed) (Total:167.39 GB) (Free:111.96 GB) (Model: WDC PC SN530 SDBPNPZ-512G-1032) NTFS
Drive h: (CCCOMA_X86FRE_CS-CZ_DV9) (Fixed) (Total:931.51 GB) (Free:393.5 GB) (Model: TOSHIBA MQ04ABF100 USB Device) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{631221af-abf1-4d6c-bd93-de9beb888025}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.23 GB) NTFS
\\?\Volume{5356a5cb-377a-49ac-a83a-4eb5d0f3e331}\ (BIOS_RVY) (Fixed) (Total:22.37 GB) (Free:0.69 GB) NTFS
\\?\Volume{944a7564-3713-4d76-942c-e40bd8995cf5}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{d6ecec97-76b8-4b1d-a1ac-c64506e9d8d6}\ () (Fixed) (Total:0.5 GB) (Free:0.49 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: C03A8003)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 596.2 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 18BBE804)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Procesor stále pořád běží na 100%
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. V systému jsou 2 plně funkční antiviry ESET a MBAM. Jeden z nich vypněte, nebo odinstalujte. Dochází k sw kolizi, která rovněž zpomaluje chod PC.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Procesor stále pořád běží na 100%
MBAM jsem odinstaloval, ten jsem nainstaloval dnes omylem. Eset mám zakoupeno.
Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 20:21:45) Run:1
Running from C:\Users\zelen\Desktop
Loaded Profiles: zelen & Zedko
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2043a99b-d507-11eb-823c-2cf05d80969f} => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce4afd11-cabd-11ee-83c5-2cf05d80969f} => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0251ccb3-1cd7-46a9-b500-fb733c63a7f5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02e2d798-e0e3-40b7-84c4-e48b26eeaf9d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08a42eef-a93f-4148-9aad-c83e67deeb5d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1e342d9e-bef8-4262-8f82-8a6767b97756}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c047d5f-5cba-465e-96d0-533e73d4fc83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6245ac21-cb31-4f51-9751-cfd92f12638f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b306eafe-fc6d-48ef-b00f-2cada2f7cc39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da77dee6-1414-4f1a-b087-3db1da4ed5d3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{dc6ad5f1-b019-4536-9280-2fd13c433b12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e8a3206a-f36f-4be6-8028-7ee0eead1ee0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f77872c3-d259-4237-b6b5-b653e0fceec9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500" => removed successfully
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f => moved successfully
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Users\zelen\Desktop\AdwCleaner.exe => ":MBAM.Zone.Identifier" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5A1D52C7-4FE7-4767-8087-2D82AFE80702} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CEE77283-FE72-47BF-A2CD-AE08086E2654}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCC9E9D-2493-4780-B5E8-EB694098797F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1876F77-1677-463E-AF35-986A75BADE88}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C048214A-89D8-42B2-9011-EA213F0DD198}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F93317B-8970-49A3-B685-83A5F1794CAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC639165-1E19-47BE-8559-63422BEFF31D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1A60BF8-3687-4421-B91C-68E7E13259B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE982B74-1D68-4373-84EE-3F8DA7F29025}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63988F87-1F05-4392-9F38-22A4D8D9B478}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FD47D40-2148-440D-AC2D-415E35FEDA3F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A293FCE-D369-433B-9A1A-8A45854B57E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29055C62-DB32-4522-897E-9AB522E923F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36BE4E23-1370-482D-ABEA-4A7292763FA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76FE24A5-4694-4216-840E-690DDE3A43D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{000B342C-81F1-41A5-B704-45809AA7F5C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCFD9621-95A2-4DEF-92A3-1894F76C9143}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EBF7898-9377-4DE0-9216-FC324E806EB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B17498B-834B-4C4C-9D82-1DA023A6D11B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E221EE32-9F52-4F12-89F7-88DFF3072D77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EDABE47-1673-4F65-ACDD-794C13EB47DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB7D0A2F-3962-4852-9880-01539C6DDF16}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63322923 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 249767220 B
Windows/system/drivers => 23722809 B
Edge => 0 B
Chrome => 684905131 B
Brave => 98332398 B
Firefox => 58112593 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 20413099 B
LocalService => 22944373 B
NetworkService => 22944373 B
zelen => 348081908 B
Zedko => 810656140 B
RecycleBin => 35954785 B
EmptyTemp: => 2.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:24:28 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 25.03.2024
Ran by zelen (25-03-2024 20:21:45) Run:1
Running from C:\Users\zelen\Desktop
Loaded Profiles: zelen & Zedko
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {2043a99b-d507-11eb-823c-2cf05d80969f} - "F:\startme.exe"
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\...\MountPoints2: {ce4afd11-cabd-11ee-83c5-2cf05d80969f} - "F:\CrossLink.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0251ccb3-1cd7-46a9-b500-fb733c63a7f5} - no filepath. <==== ATTENTION
Task: {02e2d798-e0e3-40b7-84c4-e48b26eeaf9d} - no filepath. <==== ATTENTION
Task: {08a42eef-a93f-4148-9aad-c83e67deeb5d} - no filepath. <==== ATTENTION
Task: {0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78} - no filepath. <==== ATTENTION
Task: {1e342d9e-bef8-4262-8f82-8a6767b97756} - no filepath. <==== ATTENTION
Task: {4c047d5f-5cba-465e-96d0-533e73d4fc83} - no filepath. <==== ATTENTION
Task: {6245ac21-cb31-4f51-9751-cfd92f12638f} - no filepath. <==== ATTENTION
Task: {67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7} - no filepath. <==== ATTENTION
Task: {9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c} - no filepath. <==== ATTENTION
Task: {b306eafe-fc6d-48ef-b00f-2cada2f7cc39} - no filepath. <==== ATTENTION
Task: {da77dee6-1414-4f1a-b087-3db1da4ed5d3} - no filepath. <==== ATTENTION
Task: {dc6ad5f1-b019-4536-9280-2fd13c433b12} - no filepath. <==== ATTENTION
Task: {e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035} - no filepath. <==== ATTENTION
Task: {e8a3206a-f36f-4be6-8028-7ee0eead1ee0} - no filepath. <==== ATTENTION
Task: {f77872c3-d259-4237-b6b5-b653e0fceec9} - no filepath. <==== ATTENTION
Task: {BD1E27DE-F9AA-40D1-BD56-F9397F21936B} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {98074E30-AE19-4820-AB82-C7026512D553} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {24B4EE1E-3100-4B35-A82C-8ADBD3301449} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {B8CCCACD-63C3-421C-B272-8BACEC08855F} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
AlternateDataStreams: C:\Users\zelen\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [229]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> DefaultScope {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
SearchScopes: HKU\S-1-5-21-2953557184-4198598645-1749663361-1001 -> {5A1D52C7-4FE7-4767-8087-2D82AFE80702} URL =
FirewallRules: [UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe] => (Allow) C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe => No File
FirewallRules: [UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe] => (Allow) C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe => No File
FirewallRules: [UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe] => (Allow) C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe => No File
FirewallRules: [{CEE77283-FE72-47BF-A2CD-AE08086E2654}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{BFCC9E9D-2493-4780-B5E8-EB694098797F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{F1876F77-1677-463E-AF35-986A75BADE88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe] => (Allow) D:\program files\android\android studio\jre\bin\java.exe => No File
FirewallRules: [{C048214A-89D8-42B2-9011-EA213F0DD198}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe => No File
FirewallRules: [{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{8F93317B-8970-49A3-B685-83A5F1794CAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC639165-1E19-47BE-8559-63422BEFF31D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{A1A60BF8-3687-4421-B91C-68E7E13259B0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{FE982B74-1D68-4373-84EE-3F8DA7F29025}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{63988F87-1F05-4392-9F38-22A4D8D9B478}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{9FD47D40-2148-440D-AC2D-415E35FEDA3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{8A293FCE-D369-433B-9A1A-8A45854B57E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{29055C62-DB32-4522-897E-9AB522E923F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{36BE4E23-1370-482D-ABEA-4A7292763FA4}] => (Allow) C:\Program Files (x86)\Origin Games\Need For Speed Hot Pursuit Remastered\NFS11Remastered.exe => No File
FirewallRules: [{76FE24A5-4694-4216-840E-690DDE3A43D8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{000B342C-81F1-41A5-B704-45809AA7F5C5}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{BCFD9621-95A2-4DEF-92A3-1894F76C9143}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe => No File
FirewallRules: [{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{9EBF7898-9377-4DE0-9216-FC324E806EB2}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{0B17498B-834B-4C4C-9D82-1DA023A6D11B}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe => No File
FirewallRules: [{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{E221EE32-9F52-4F12-89F7-88DFF3072D77}] => (Allow) D:\SteamLibrary\steamapps\common\Mafia\Mafia\Setup.exe => No File
FirewallRules: [{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6EDABE47-1673-4F65-ACDD-794C13EB47DB}] => (Allow) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{AB7D0A2F-3962-4852-9880-01539C6DDF16}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}] => (Block) C:\Program Files (x86)\Overwolf\0.242.0.12\OverwolfBrowser.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2043a99b-d507-11eb-823c-2cf05d80969f} => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ce4afd11-cabd-11ee-83c5-2cf05d80969f} => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0251ccb3-1cd7-46a9-b500-fb733c63a7f5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02e2d798-e0e3-40b7-84c4-e48b26eeaf9d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08a42eef-a93f-4148-9aad-c83e67deeb5d}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0a52cd0c-a2a7-4d4b-9ec1-f795027a4b78}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1e342d9e-bef8-4262-8f82-8a6767b97756}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4c047d5f-5cba-465e-96d0-533e73d4fc83}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6245ac21-cb31-4f51-9751-cfd92f12638f}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67d890a9-9a0c-4fbc-a0e5-90bcb60a93d7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9f5cbfec-5b46-44e2-ad39-9d4c1ae2e08c}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{b306eafe-fc6d-48ef-b00f-2cada2f7cc39}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{da77dee6-1414-4f1a-b087-3db1da4ed5d3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{dc6ad5f1-b019-4536-9280-2fd13c433b12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e1ccd1f9-3b3d-4250-b49b-fb6d7c72e035}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{e8a3206a-f36f-4be6-8028-7ee0eead1ee0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{f77872c3-d259-4237-b6b5-b653e0fceec9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD1E27DE-F9AA-40D1-BD56-F9397F21936B}" => removed successfully
C:\WINDOWS\System32\Tasks\Avast Emergency Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Emergency Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98074E30-AE19-4820-AB82-C7026512D553}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{D807AB07-F30E-4FC0-A8A8-2A96FD097AC1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24B4EE1E-3100-4B35-A82C-8ADBD3301449}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1A67946-E35F-4CE2-BDD5-76E4FB8ED35C}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CCCACD-63C3-421C-B272-8BACEC08855F}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-2953557184-4198598645-1749663361-500" => removed successfully
C:\Users\zelen\AppData\Roaming\2457fe3357cbf1220231e8917326f70f => moved successfully
C:\Users\zelen\AppData\Roaming\67fa1b1ba5b0ed2fad9c840a61e47ada => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Users\zelen\Desktop\AdwCleaner.exe => ":MBAM.Zone.Identifier" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2953557184-4198598645-1749663361-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5A1D52C7-4FE7-4767-8087-2D82AFE80702} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A02AF340-9084-41C2-8F5D-0096DD51FA24}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD733FF3-1232-431E-B935-3AAF844C1639}C:\users\zelen\downloads\nanominer-windows-3.2.0-cuda11\nanominer-windows-3.2.0-cuda11\nanominer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DC1C63FA-C7E8-49BC-9B11-41E75E4AB409}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CABFD30B-7FE1-48F8-9C24-A40EFEA785C4}C:\users\zelen\downloads\phoenixminer_5.5c_windows\phoenixminer_5.5c_windows\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F8A4C2F7-56E2-45A5-AF0D-C04A0B3BE0E2}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7E7F907D-BA23-4C05-A070-4B74A546581A}C:\minerstat-windows\cli\clients\phoenix-eth\phoenixminer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CEE77283-FE72-47BF-A2CD-AE08086E2654}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{875F819F-AAD0-4008-BB6F-5BE6F2F10D64}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BFCC9E9D-2493-4780-B5E8-EB694098797F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1876F77-1677-463E-AF35-986A75BADE88}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2F580671-3688-462B-9D95-790FFE0DC5CF}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DDBFA49E-60A3-4488-BE92-8C1F48663868}D:\program files\android\android studio\jre\bin\java.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C048214A-89D8-42B2-9011-EA213F0DD198}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E245D6D-95BA-4DCB-B82C-A8ABAA5B3DD0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8F93317B-8970-49A3-B685-83A5F1794CAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC639165-1E19-47BE-8559-63422BEFF31D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1A60BF8-3687-4421-B91C-68E7E13259B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{78B71DE3-87F2-4C49-AC3A-FBC822D9BEAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE982B74-1D68-4373-84EE-3F8DA7F29025}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EC806B71-0A28-4DE4-9DFB-FBCCF68B8E83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{63988F87-1F05-4392-9F38-22A4D8D9B478}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9FD47D40-2148-440D-AC2D-415E35FEDA3F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A293FCE-D369-433B-9A1A-8A45854B57E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29055C62-DB32-4522-897E-9AB522E923F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B88F1B3-EA4E-469E-9ADA-90682C7BA2E7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F7613889-0340-45B5-9AA1-DA77CD8DC1E2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{36BE4E23-1370-482D-ABEA-4A7292763FA4}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76FE24A5-4694-4216-840E-690DDE3A43D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6283C9E0-EFE4-4EEF-9B11-77A3E0CB66A2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{000B342C-81F1-41A5-B704-45809AA7F5C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCFD9621-95A2-4DEF-92A3-1894F76C9143}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EC1CF1C-7A8C-4424-85AA-4758B873D6FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9EBF7898-9377-4DE0-9216-FC324E806EB2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B17498B-834B-4C4C-9D82-1DA023A6D11B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E0F01AB7-3ECB-47D0-A916-397DFF9CC50A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E221EE32-9F52-4F12-89F7-88DFF3072D77}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB1E3E8E-229A-4082-9DB4-5722CFD909D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6EDABE47-1673-4F65-ACDD-794C13EB47DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB7D0A2F-3962-4852-9880-01539C6DDF16}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6479B68E-A9C4-4B18-8AB9-BC0CE9E32F70}" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63322923 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 249767220 B
Windows/system/drivers => 23722809 B
Edge => 0 B
Chrome => 684905131 B
Brave => 98332398 B
Firefox => 58112593 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 20413099 B
LocalService => 22944373 B
NetworkService => 22944373 B
zelen => 348081908 B
Zedko => 810656140 B
RecycleBin => 35954785 B
EmptyTemp: => 2.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:24:28 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Procesor stále pořád běží na 100%
OK. Bylo smazáno. Nastala změna k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Procesor stále pořád běží na 100%
Paráda, super. Podstatné zlepšení. Procesor už neběží stále na 100% ale proměnlivě a teplota CPU spadla z 90+ st. C na cca 58. Ohromný rozdíl, děkuji moc. Jste u mě jednička v řešení. Moc děkuji a klobouk dolů před Vámi upřímně. Ještě jednou moc děkuji a přeji příjemný večer a krásné dny
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Procesor stále pořád běží na 100%
Tak to jsem rád. Nemáte zač a také přeji hezký den! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?