VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

poprosim kontrolu logu (spomaleny až zasekany PC)

https://forum.viry.cz:443/viewtopic.php?t=159903

Stránka 1 z 1

poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 18:30
od PureHate44
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by PC1 (administrator) on DESKTOP-NORVJE6 (MSI MS-7A39) (23-08-2024 19:28:17)
Running from C:\Users\PC1\Desktop\FRST64 (1).exe
Loaded Profiles: PC1
Platform: Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe ->) (Reaction Software Limited -> Weather Zero) C:\Program Files (x86)\WeatherZero\WeatherZero.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Discord Inc. -> Discord Inc.) C:\Users\PC1\AppData\Local\Discord\app-1.0.9159\Discord.exe <6>
(DriverStore\FileRepository\u0405203.inf_amd64_f475de4b004ff0ca\B405281\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405203.inf_amd64_f475de4b004ff0ca\B405281\atieclxx.exe
(explorer.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files (x86)\Adguard\Adguard.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0405203.inf_amd64_f475de4b004ff0ca\B405281\atiesrxx.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (Reaction Software Limited -> Weather Information Service) C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2022-01-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [ACUW17EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\acdIDInTouch2.exe [3508784 2024-01-13] (ACD Systems International Inc. -> ACD Systems International Inc.) [File not signed]
HKLM\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [7233056 2024-07-08] (Adguard Software Limited -> Adguard Software Limited)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36733928 2024-08-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4407656 2024-07-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [PC1] => cmd.exe /c start www.exinariuminix.info (No File) <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482128 2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44970408 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [MicrosoftEdgeAutoLaunch_3ED1524B1F1362DAB86361CACD0A8016] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3814952 2024-08-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [ACDSeeCommanderUltimate17] => C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\ACDSeeCommanderUltimate17.exe [8257104 2024-01-13] (ACD Systems International Inc. -> ) [File not signed]
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Discord] => C:\Users\PC1\AppData\Local\Discord\Update.exe [1526552 2024-04-29] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [AMDNoiseSuppression] => C:\WINDOWS\system32\AMD\ANR\AMDNoiseSuppression.exe [145336 2023-08-10] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [7233056 2024-07-08] (Adguard Software Limited -> Adguard Software Limited)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3380328 2024-08-23] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2023-07-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.84\Installer\chrmstp.exe [2024-08-23] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.Exe: [VerifierDlls] SppExtComObjHook.dll
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5D40A70B-906F-47F3-ADB4-826F898DC794} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {EB38D2D3-9854-401B-BDFF-D9F93529BCCE} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-05-09] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {21CC9769-D945-4977-B5C7-308113D41473} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-05-09] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {398E64A3-B801-4BE2-ABFB-0CA8B59F0647} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-05-08] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {C9EE2F49-9A35-4606-8064-C015B14D20E1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-05] (Avast Software s.r.o. -> Avast Software)
Task: {EA3A7B73-9018-48A2-B9A9-ACE08C2DCBCB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {FDC29122-722C-4EB3-8FD0-285260CD7859} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-07-16] (Gen Digital Inc. -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "f629c2c0-113b-48e0-87af-a975de79342f" --version "6.26.11169" --silent
Task: {8A4A45D0-D188-4B76-B6A7-55090433182C} - System32\Tasks\CCleanerSkipUAC - PC1 => C:\Program Files\CCleaner\CCleaner.exe [38931368 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {93A99B83-4F2A-4BD8-8C22-25FA2926AA64} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [374376 2024-08-17] (Google LLC -> Google LLC)
Task: {12326B1B-153A-478E-81F7-A984DA02CFD1} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{1BE8927B-63D8-40E7-83EA-C0722ACFD7B2} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {7EE7F7E0-3F0F-4093-9B95-D073D3BF70A0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A172CAE-E594-4004-8274-80EA84D69601} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26166200 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {A689333B-D9AD-4A1E-BE3E-5A99BCA6022A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C9669D7-9BE7-4E1F-A396-4BA2DF95DED3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143248 2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC7F1F62-2A22-455E-BD63-3A83557D2C67} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [65448 2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8487B275-D178-4E77-88A7-78C1BF6695FF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2C716A0-254D-4164-84C2-6810D9A8B11F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8502776 2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F6AE67B-B3ED-4923-9B36-C6AE40B44271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {126EE5FF-146B-406A-BF81-EBF5EF264BE3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {235F13E8-6F65-4DF9-BB95-E1FE168A0ED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {945B61AB-1DE3-4C92-B180-CB5DF8381D40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A869273-4468-4DF8-9C3D-F068C3BC02D8} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-05-09] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {4FB3A957-445C-4EFB-A0F8-0C00CB583A0E} - System32\Tasks\PC1 => C:\WINDOWS\system32\cmd.exe [289792 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC1 /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info" <==== ATTENTION
Task: {29C18D88-BE9E-4778-A260-6328474FB1D1} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-05-08] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {49E5F8B1-AF76-4BC3-A669-A999B860A808} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-05-08] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a3cfb294-eb5a-46bb-8e56-15ac18209a18}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{a3cfb294-eb5a-46bb-8e56-15ac18209a18}: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-18]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
Edge Extension: (Edge relevant text changes) - C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-07]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2024-08-23]
CHR DownloadDir: E:\Downloads\Filmy
CHR Notifications: Default -> hxxps://jutes.ru; hxxps://sibirem.ru; hxxps://slo.wikiwiex.com; hxxps://www.giveawayoftheday.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-17]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 4 [2024-08-17]
CHR Extension: (Torrent Scanner) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2024-04-28]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-28]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-23]
CHR HKLM\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]

Opera:
=======
OPR Profile: C:\Users\PC1\AppData\Roaming\Opera Software\Opera Stable [2024-08-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [806944 2024-07-08] (Adguard Software Limited -> Adguard Software Limited)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15737128 2024-05-11] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085864 2024-07-16] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12477392 2022-09-22] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4976976 2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [13902952 2024-08-23] (Electronic Arts, Inc. -> Electronic Arts)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-10] (Epic Games Inc. -> Epic Games, Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [6537200 2024-08-17] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13353768 2021-09-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 ucldr_battlegrounds_gl; C:\Program Files\Common Files\Wellbia.com\ucldr_battlegrounds_gl.exe [5084200 2024-05-11] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WeatherZeroSvc; C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe [3256744 2022-06-12] (Reaction Software Limited -> Weather Information Service)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 zksvc; C:\Program Files\Common Files\PUBG\zksvc.exe [12486496 2024-06-28] (KRAFTON, Inc. -> KRAFTON, Inc)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 2C50ECBD; C:\WINDOWS\System32\drivers\2C50ECBD.sys [478392 2021-04-14] (Kaspersky Lab -> Kaspersky Lab ZAO)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [88744 2024-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [68376 2021-03-29] (FinalWire Kft. -> )
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25688 2024-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33504 2024-08-11] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [58952 2024-05-08] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_54807f69fe156f14\amdsafd.sys [113088 2023-04-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0405203.inf_amd64_f475de4b004ff0ca\B405281\amdkmdag.sys [106157352 2024-08-11] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-11-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 MpKsl3026d0ab; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [271640 2024-08-17] (Microsoft Windows -> Microsoft Corporation)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-07-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-02] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [215864 2024-05-24] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.)
S3 amdwddmg; \SystemRoot\System32\DriverStore\FileRepository\u0390451.inf_amd64_39377efdd62734d1\B390182\amdkmdag.sys [X]
S3 MpKsl7cd804ff; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EE50D74-840B-42B0-9A5C-A4FA3FF166BB}\MpKslDrv.sys [X]
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-23 19:29 - 2024-08-23 19:29 - 002397184 _____ (Farbar) C:\Users\PC1\Desktop\FRST64.exe
2024-08-23 19:28 - 2024-08-23 19:28 - 000027084 _____ C:\Users\PC1\Desktop\FRST.txt
2024-08-23 19:28 - 2024-08-23 19:28 - 000000000 ____D C:\Users\PC1\Desktop\FRST-OlderVersion
2024-08-17 19:16 - 2024-08-17 19:16 - 000000000 ___HD C:\$WinREAgent
2024-08-17 09:04 - 2024-08-17 09:04 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2024-08-11 15:22 - 2024-08-11 15:22 - 007598784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdadlx64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 007373616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 002921768 _____ C:\WINDOWS\system32\amd-smi.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 002287912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 002152744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 002101032 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 002101032 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 001797008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001797008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001726552 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001659288 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 001659288 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 001466168 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001466168 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001400912 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001347768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsacli64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001307624 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001307624 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001254808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001077280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001055528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 001031464 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 000632208 _____ C:\WINDOWS\system32\GameManager64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000591248 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000558888 _____ C:\WINDOWS\system32\atieah64.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 000552888 _____ C:\WINDOWS\system32\amdmiracast.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000526232 _____ C:\WINDOWS\system32\EEURestart.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 000479640 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000473488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000449424 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000421680 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2024-08-11 15:22 - 2024-08-11 15:22 - 000280360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000236848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000196392 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000190768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000178872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000168656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000168552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000161808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000154152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000150312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000142632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000140648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000140648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000140080 _____ C:\WINDOWS\system32\amdxc64.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000134312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000117040 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000116520 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2024-08-11 15:22 - 2024-08-11 15:22 - 000075160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2024-08-11 15:21 - 2024-08-11 15:21 - 113329392 _____ C:\WINDOWS\system32\amdxc64.so
2024-08-11 15:21 - 2024-08-11 15:21 - 001344456 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2024-08-11 15:20 - 2024-08-11 15:20 - 006160840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2024-08-11 15:20 - 2024-08-11 15:20 - 000052344 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio2.sys
2024-08-11 15:20 - 2024-08-11 15:20 - 000039048 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AMDPCIDev.sys
2024-08-11 15:20 - 2024-08-11 15:20 - 000033504 _____ (Advanced Micro Devices, Inc) C:\WINDOWS\system32\Drivers\amdgpio3.sys
2024-08-11 15:14 - 2024-08-17 14:34 - 000000000 ____D C:\ProgramData\ProductData
2024-08-11 15:13 - 2024-08-17 14:34 - 000000000 ____D C:\Program Files (x86)\IObit

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-23 19:28 - 2024-01-14 13:52 - 002397184 _____ (Farbar) C:\Users\PC1\Desktop\FRST64 (1).exe
2024-08-23 19:28 - 2021-06-26 13:26 - 000000000 ____D C:\Program Files (x86)\Steam
2024-08-23 19:28 - 2020-12-19 11:48 - 000000000 ____D C:\FRST
2024-08-23 19:26 - 2024-05-05 12:00 - 000000000 ____D C:\Users\PC1\AppData\Roaming\discord
2024-08-23 19:25 - 2024-07-07 21:18 - 000000000 ____D C:\ProgramData\EA Desktop
2024-08-23 19:25 - 2024-05-05 12:00 - 000000000 ____D C:\Users\PC1\AppData\Local\Discord
2024-08-23 19:24 - 2024-06-30 14:52 - 000000000 ____D C:\ProgramData\Adguard
2024-08-23 19:24 - 2024-06-14 18:50 - 000003114 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-08-23 19:24 - 2024-06-14 18:50 - 000003106 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-08-23 19:24 - 2021-03-09 16:44 - 000000000 ____D C:\Users\PC1\AppData\Local\CrashDumps
2024-08-23 19:24 - 2020-12-20 11:32 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-23 19:23 - 2021-01-02 13:33 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-08-23 19:23 - 2020-12-20 11:44 - 000000000 ____D C:\Users\PC1
2024-08-23 19:23 - 2020-12-20 11:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-23 19:23 - 2020-12-20 11:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-23 19:23 - 2020-11-07 11:27 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-23 19:15 - 2020-12-20 11:32 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-23 19:14 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-23 19:13 - 2022-02-10 23:30 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2024-08-23 19:13 - 2022-01-22 14:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3805889190-2908880830-1705731779-1001
2024-08-23 19:13 - 2020-12-20 11:44 - 000002365 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-08-23 19:10 - 2021-12-16 22:47 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-23 19:10 - 2020-12-20 12:00 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-23 19:10 - 2020-12-20 12:00 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-08-23 19:09 - 2024-05-05 12:00 - 000002237 _____ C:\Users\PC1\Desktop\Discord.lnk
2024-08-23 19:08 - 2024-06-30 14:52 - 000000000 ____D C:\Program Files (x86)\Adguard
2024-08-19 04:48 - 2020-12-20 11:27 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-08-19 04:22 - 2020-12-20 11:55 - 000000000 ____D C:\Users\PC1\AppData\Local\D3DSCache
2024-08-18 20:41 - 2024-05-25 12:43 - 000000000 ____D C:\Users\PC1\Desktop\Mody
2024-08-18 20:40 - 2024-04-13 16:14 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Atlas
2024-08-18 16:50 - 2022-05-12 20:30 - 000655020 _____ C:\WINDOWS\system32\perfh01B.dat
2024-08-18 16:50 - 2022-05-12 20:30 - 000126030 _____ C:\WINDOWS\system32\perfc01B.dat
2024-08-18 16:50 - 2020-12-20 11:53 - 001547408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-18 16:50 - 2020-12-20 11:31 - 000000000 ____D C:\WINDOWS\INF
2024-08-18 12:38 - 2022-05-05 20:54 - 000306624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-18 12:36 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-18 10:19 - 2020-12-20 11:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-17 15:10 - 2024-03-31 14:40 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Ovix
2024-08-17 15:02 - 2021-10-08 19:04 - 000000000 ____D C:\Users\PC1\AppData\Roaming\Kodi
2024-08-17 14:42 - 2023-05-17 18:09 - 000000000 ____D C:\WINDOWS\Minidump
2024-08-17 14:42 - 2023-04-05 08:10 - 000000000 ____D C:\Program Files\CCleaner
2024-08-17 14:34 - 2022-01-30 18:11 - 000000000 ____D C:\Users\PC1\AppData\Roaming\IObit
2024-08-17 10:45 - 2020-12-20 11:32 - 000000000 ____D C:\WINDOWS\schemas
2024-08-17 09:29 - 2020-12-20 11:43 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-17 09:02 - 2020-12-20 12:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-17 09:01 - 2020-12-20 12:41 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-17 08:58 - 2020-12-23 18:30 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-08-17 08:58 - 2020-06-10 21:36 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-17 08:46 - 2022-04-03 11:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-08-11 17:41 - 2023-04-05 08:10 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-08-11 15:25 - 2024-04-20 14:27 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-09 20:46 - 2024-06-14 18:30 - 000000000 ____D C:\Users\PC1\AppData\Local\AMD_Common
2024-08-04 14:57 - 2020-12-20 11:55 - 000000000 ____D C:\Users\PC1\AppData\Local\Packages
2024-08-03 08:37 - 2023-05-23 21:38 - 000000000 ____D C:\Users\PC1\AppData\Local\ElevatedDiagnostics
2024-08-03 08:13 - 2023-04-05 08:10 - 000002824 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-08-03 08:13 - 2023-04-05 08:10 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-08-02 22:51 - 2024-07-05 08:51 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-08-02 19:09 - 2020-12-20 11:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-07-28 13:44 - 2022-01-30 15:15 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-28 13:44 - 2022-01-30 15:15 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2024-05-16 23:47 - 2024-05-16 23:47 - 000000255 _____ () C:\ProgramData\fontcacheev1.dat
2021-06-06 10:33 - 2021-07-21 21:43 - 000000055 _____ () C:\Users\PC1\AppData\Roaming\EHWID.txt
2022-08-12 17:55 - 2023-09-16 20:35 - 000208896 _____ () C:\Users\PC1\AppData\Roaming\emp.bin
2021-06-06 10:33 - 2021-12-12 19:52 - 000000011 _____ () C:\Users\PC1\AppData\Roaming\EPW.txt
2021-06-06 10:33 - 2021-07-21 21:43 - 000000009 _____ () C:\Users\PC1\AppData\Roaming\ERole.txt
2021-06-06 10:33 - 2021-12-12 19:52 - 000000012 _____ () C:\Users\PC1\AppData\Roaming\EUser.txt
2021-03-07 20:58 - 2021-03-07 20:58 - 000016438 _____ () C:\Users\PC1\AppData\Local\partner.bmp

==================== FCheck ================================

(If an entry is included in the fixlist, the file/folder will be moved.)

FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2023-04-04] <==== ATTENTION (zero byte File/Folder)

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 18:31
od PureHate44
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by PC1 (23-08-2024 19:29:25)
Running from C:\Users\PC1\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4780 (X64) (2020-12-20 09:55:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3805889190-2908880830-1705731779-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3805889190-2908880830-1705731779-503 - Limited - Disabled)
Guest (S-1-5-21-3805889190-2908880830-1705731779-501 - Limited - Disabled)
PC1 (S-1-5-21-3805889190-2908880830-1705731779-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3805889190-2908880830-1705731779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC: Mirage CZ v2.4 (HKLM-x32\...\AC: Mirage CZ) (Version: 2.4 - Squiee)
ACDSee Photo Studio Ultimate 2024 (HKLM\...\{CC0967A6-A164-4B21-8F6B-B4BBF9CC405B}) (Version: 17.0.2.3593 - ACD Systems International Inc.)
AdGuard (HKLM\...\{A8CDCD01-B65F-4169-A3A9-F13EEBA31ED3}) (Version: 7.18.4778.0 - Adguard Software Limited) Hidden
AdGuard (HKLM-x32\...\{b19c26fb-8052-47ef-840e-b5f2fe6b3e04}) (Version: 7.18.4778.0 - Adguard Software Limited)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1051-1033-7760-BC15014EA700}) (Version: 24.002.20895 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601091}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIDA64 Extreme v6.33 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.33 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.5.1 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 5.4.3.1923 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.6.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.02 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.26 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.1.0.2051 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Discord) (Version: 1.0.9044 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 13.280.0.5793 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{f5596d28-8013-4658-8c2a-1f9d7e4ccaf0}) (Version: 13.280.0.5793 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 128.0.6613.84 - Google LLC)
Hry Google Play beta (HKLM\...\GooglePlayGames) (Version: 24.7.1042.5 - Google LLC)
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Kodi) (Version: 19.1.0.0 - XBMC Foundation)
Listové obálky 3.0.5 (HKLM-x32\...\Listové obálky 3.0.5) (Version: 3.0.5 - SevTech Technology)
Mafia Rise and Fall (HKLM-x32\...\{4CA86A10-D29E-4A89-A3DE-15084D894E4A}) (Version: 1.5.3 - 7K Czech Studio) Hidden
Mafia Rise and Fall (HKLM-x32\...\Mafia Rise and Fall 1.5.3) (Version: 1.5.3 - 7K Czech Studio)
me.fo (HKLM\...\me.fo) (Version: 1.0 - me.fo)
Microsoft .NET Core Host - 3.1.14 (x64) (HKLM\...\{AA5D2A79-FD51-463E-8E46-A7A49E06B2B7}) (Version: 24.120.29915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.14 (x64) (HKLM\...\{56891BC5-6A4F-4413-8F11-216CCB56C8B7}) (Version: 24.120.29915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.14 (x64) (HKLM\...\{B6275576-0664-41E9-96A4-EEFB4636A8F1}) (Version: 24.120.29915 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 127.0.2651.105 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 127.0.2651.105 - Microsoft Corporation)
Microsoft Office LTSC Professional Plus 2021 - en-us (HKLM\...\ProPlus2021Volume - en-us) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\OneDriveSetup.exe) (Version: 24.156.0804.0002 - Microsoft Corporation)
Microsoft Project Professional 2021 - en-us (HKLM\...\ProjectPro2021Volume - en-us) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visio LTSC Professional 2021 - en-us (HKLM\...\VisioPro2021Volume - en-us) (Version: 16.0.15629.20156 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.31.31103 (HKLM-x32\...\{41d7b770-418a-43b7-95a5-f925fff05789}) (Version: 14.31.31103.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.14 (x64) (HKLM\...\{454826CD-4B06-4058-B225-536536F9CA93}) (Version: 24.120.29915 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15629.20156 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Outlast_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Outlook (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9071.1 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrácia používateľa produktu Canon MG3600 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG3600 series) (Version: - ‭Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.93.2040 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.3.3.5 - Rockstar Games)
RyzenMasterSDK (HKLM\...\{A4C57FE6-B033-4436-ADB6-3BCDB7616D69}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Shutdown Timer (HKLM-x32\...\{5E1DDD46-A5AF-4A06-B0FC-9C3E510BE742}) (Version: 1.0.0 - Newton Software Solutions)
Silent Hill 2 (CZ Dabing) (HKLM-x32\...\FPD_SH2_is1) (Version: 1.0 - Fénix ProDabing)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.22.3 - TeamViewer)
Total Commander Extended (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Total Commander Extended) (Version: 22.2 - BurSoft)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 151.2.11050 - Ubisoft)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.22 - Black Tree Gaming Ltd.)
Vysor (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\vysor) (Version: 5.0.7 - Vysor Inc.)
Vzum (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.46 - Vzum)
Way of the Hunter (HKLM-x32\...\1350104287_is1) (Version: 1.25e - GOG.com)
WeatherZero (HKLM-x32\...\WeatherZero) (Version: - Weather Zero)
WeMod (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\WeMod) (Version: 7.1.22 - WeMod)
Winaero Tweaker (HKLM\...\Winaero Tweaker_is1) (Version: 1.62.1.0 - Winaero)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Kontrola stavu počítača (HKLM\...\{DC04D0BB-5702-4932-ACFF-D39065DCB089}) (Version: 3.1.2109.29003 - Microsoft Corporation)
WinRAR 5.80 Final (HKLM-x32\...\WinRAR 5.80 Final) (Version: 5.80 - Crackingpatching.com Team)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Wise Program Uninstaller 2.5.1 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: 2.5.1 - WiseCleaner.com, Inc.)
Word (HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========

Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-22] ()
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-04-30] (Canon Inc.)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-04-30] (Microsoft Corporation)
Excel -> C:\Program Files\WindowsApps\excel.office.com-4362FB92_1.0.0.0_neutral__2vp2pd36ganw2 [2023-04-30] (excel.office.com)
Excel -> C:\Program Files\WindowsApps\excel.office.com-72EAE3D_1.0.0.1_neutral__2vp2pd36ganw2 [2023-10-15] (excel.office.com)
Vyhľadávanie na webe z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-26] (Microsoft Corporation)
XLSX Viewer Free -> C:\Program Files\WindowsApps\62307pauljohn.XLSXViewerFree_1.1.0.2_x86__7sv5v3m8wq0b2 [2023-04-30] (pauljohn)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{6282d2e9-5906-bbf9-4b71-0c2869c6a835}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2023-09-28] (ACD Systems International Inc. -> ACD Systems International Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-04-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC1\Desktop\Peter - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi
ShortcutWithArgument: C:\Users\PC1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Katarina - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) =============

2024-07-05 12:54 - 2023-08-02 10:59 - 000594432 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2024-01-04 13:39 - 2015-01-09 09:44 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_IMG.dll
2024-01-04 13:39 - 2015-01-09 09:46 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNSS_SKY.DLL
2024-07-05 12:54 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2024-01-04 13:39 - 2015-03-17 09:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-06-14 01:06 - 2016-06-14 01:06 - 000447488 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\WeatherZero\Newtonsoft.Json.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 002849280 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 000685056 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2024-08-23 19:09 - 2024-08-23 19:09 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\PC1\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\2C50ECBD.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\2C50ECBD.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-11-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-12-20 11:33 - 2024-04-07 09:46 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ACUW17EN"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_3ED1524B1F1362DAB86361CACD0A8016"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "ProtonVPN"
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\StartupApproved\Run: => "ACDSeeCommanderUltimate17"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76479D23-BABB-4B44-8CA5-99040CC858D8}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{B8813231-8AC4-4057-A6EB-9F8ED2076275}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{C264E3BA-A0C9-461A-BB44-6FF4D813E63D}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{25674321-2BB6-4356-AB23-C5100729084B}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{BC53F919-759A-4705-BB28-C3C739726D24}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{1D9454E8-FDFC-4A4B-89A9-87E90C5AA454}] => (Allow) E:\Program Files\txgameassistant\appmarket\DL\syzs_dl_svr.exe (Tencent Technology(Shenzhen) Company Limited -> )
FirewallRules: [{F80FBF77-6901-481B-A37C-A3C01DADD01C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A5D25BB-4C86-4BED-9EC9-B19527115BD6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{81680637-CA08-4B3B-BA04-B74773689984}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EB9C9D5E-7D50-49C8-A0F2-6C4DF20A864F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{067876AE-4B1F-4377-9894-02C446E96B37}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{A8D6CCC3-8968-455D-85DF-EBB03F73D892}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{D142A9B5-2F0C-44B4-BED0-F8F07DACB470}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F593AD16-ED6C-4530-89D3-90FA278E847C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{161A6779-F0A4-4190-BAF8-B3EC8B275E88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4575926B-6A4D-48A7-9802-D730BD3D9D19}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{80305859-4AD6-4694-BEFB-44F70F84AA5E}E:\downloads\utorrent proň\app\utorrent\utorrent.exe] => (Allow) E:\downloads\utorrent proň\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{5EAA7E47-BF4D-4AE4-B62B-700F3DC8B91E}E:\downloads\utorrent proň\app\utorrent\utorrent.exe] => (Allow) E:\downloads\utorrent proň\app\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{BBFD9845-CC66-4908-8904-9D485F3E1D53}E:\games\gtav\gta5.exe] => (Allow) E:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{D4E2F7FD-69A6-4350-8F57-5775E2CFB339}E:\games\gtav\gta5.exe] => (Allow) E:\games\gtav\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{94BA773D-B0E2-445E-B4CB-539CF4E4E68F}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{CAD922A9-084C-40CA-AF6C-005346A88CBF}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{3E4F4325-09B7-4FD3-9DE6-E7DD4A2C78FF}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{6130ED8F-5403-429D-B165-5C9BA248C43F}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D7486B0B-DB21-47E6-8650-720A542C4B04}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{97E56F57-7765-4CFB-BF3C-E8EF8024511D}] => (Allow) C:\Users\PC1\Desktop\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{EF71EE75-A81A-49E0-940A-37DACFECC122}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7C811459-E796-4592-A4C8-7E9FFB2D2542}] => (Allow) LPort=1688
FirewallRules: [{5B231404-9BAD-4642-9647-17C049181903}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{403A40A6-1402-42D9-8E0B-C526E70DD897}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{C9CF08FC-7AD2-4F48-8088-F19EA7764AB6}] => (Allow) E:\Downloads\Hry\Red Dead Redemption 2 - Ultimate Edition (v1.0.1436.28 + MULTi13)\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{29E40350-0986-436B-9682-946E2195CCA2}] => (Allow) E:\Downloads\Hry\Red Dead Redemption 2 - Ultimate Edition (v1.0.1436.28 + MULTi13)\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{08F1640E-752A-47DA-B0F3-0A106FB96580}] => (Allow) C:\Total Commander Extended\Soft\uTorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FDDDA88B-1837-4ABC-9DD2-A3EB015704ED}] => (Allow) C:\Total Commander Extended\Soft\uTorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BDCCDF2D-A885-4BA4-A86F-76509F8A8D2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{CC82E76F-7EF8-46DE-8308-2C3AD8459F6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\game\bin\win64\cs2.exe (Valve Corp. -> )
FirewallRules: [{D6B88292-0AE8-4163-B3A5-C279AB158560}] => (Allow) E:\SteamLibrary\steamapps\common\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{DAA50178-2626-42D4-AC6A-F11B63E46B60}] => (Allow) E:\SteamLibrary\steamapps\common\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CAC37038-71B2-45A2-B1A6-287F8ABB660A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AE8FD613-FDA8-4F92-8AA8-08203DDA00BD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB553EDA-5E22-4050-9904-2D4A7D9C04C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9C2462DD-3DA7-4A3E-9861-7284469F3FB3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [ACDSee Ultimate 2024 TCP] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\ACDSeeUltimate2024.exe (ACD Systems International Inc. -> ACD Systems International Inc.) [File not signed]
FirewallRules: [ACDSee Ultimate 2024 UDP] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\ACDSeeUltimate2024.exe (ACD Systems International Inc. -> ACD Systems International Inc.) [File not signed]
FirewallRules: [ACDSee Commander Ultimate 2024 TCP] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\ACDSeeCommanderUltimate17.exe (ACD Systems International Inc. -> ) [File not signed]
FirewallRules: [ACDSee Commander Ultimate 2024 UDP] => (Allow) C:\Program Files\ACD Systems\ACDSee Ultimate\17.0\ACDSeeCommanderUltimate17.exe (ACD Systems International Inc. -> ) [File not signed]
FirewallRules: [{24D6C2D2-685D-42D0-9041-2035A9647320}] => (Allow) C:\Users\PC1\Desktop\Mody\launcher (2).exe () [File not signed]
FirewallRules: [{BD77046E-A53D-4282-B5F3-12AE17D581F7}] => (Allow) C:\Users\PC1\Desktop\Mody\launcher (2).exe () [File not signed]
FirewallRules: [{4F8BCF85-0EB5-42BC-AFB5-2C3D631E1C0D}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{74D1EE83-9853-4AF7-BD22-3DC92DF902BA}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{19C4C11C-FA80-4688-B40B-3AE7566F2ACC}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia\Mafia\setup.exe () [File not signed]
FirewallRules: [{2887F48D-BC81-44DF-A834-5413541B8334}] => (Allow) E:\SteamLibrary\steamapps\common\Mafia\Mafia\setup.exe () [File not signed]
FirewallRules: [{55610ECB-4F70-4A8A-8F3D-78CAC03FD970}] => (Allow) C:\Program Files (x86)\Adguard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Limited)
FirewallRules: [{3EF1140F-BA53-4CDA-AE09-B642844A5DD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{657C59C2-1BD8-448B-A246-27AE7BDCE76F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5681019-551E-42DD-B5F3-B797F4C91B56}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ED0F3DBE-0EC4-4917-AE3B-B21D2526CF79}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.125.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F5CEDFE-6B5A-4A1D-A506-3E1AD30F08A7}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{757D4559-00B0-4DA6-BDDD-9ECC70F9B9A1}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{CA729D0F-A98C-4A0C-AE02-118F744B52BB}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\127.0.2651.105\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9CC10863-4A96-45E2-901B-E7A0FCB56A24}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9FF3EA1D-A54E-4C71-8BC9-5F2984FD05E0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7FD0F5C5-4C71-4603-90FE-A8126D19E35A}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8B5B19D5-64DD-44DB-88B8-F025778BF95B}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9DCD82FD-3E6B-4EC6-A9D3-D64D58E8F55F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAConnect_microsoft.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{BFB13081-B486-489B-9504-F5CC463DAB84}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9BBB3918-DEA0-42B8-94C9-CBBA0455C0B0}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EADesktop.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{7771D6ED-D88F-4524-8DD9-03763DDDA429}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{44713E80-A8D5-4C4C-B711-0D0B7CCEE833}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EAGEP.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{ACA2956E-5DB3-4451-9F7C-E4DD17029C9D}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{922E9991-497E-42BB-85A4-9EB1DA3F1B8F}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALocalHostSvc.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{B50AEBAA-FC90-440B-823B-2BFBE8916217}] => (Allow) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALaunchHelper.exe (Electronic Arts, Inc. -> Electronic Arts)

==================== Restore Points =========================

28-07-2024 20:15:37 Scheduled Checkpoint
09-08-2024 21:54:08 Scheduled Checkpoint
11-08-2024 15:18:06 Driver Booster : AMD Radeon RX 6700 XT
17-08-2024 09:17:59 Inštalátor modulov systému Windows
17-08-2024 09:18:41 Inštalátor modulov systému Windows
17-08-2024 09:19:12 Inštalátor modulov systému Windows
18-08-2024 10:08:44 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/23/2024 07:24:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.4355, časová značka: 0xebbe3963
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.4717, časová značka: 0x16b0a901
Kód výnimky: 0x8000ffff
Odstup chyby: 0x0000000000132fb2
Identifikácia chybujúceho procesu: 0x26f0
Čas spustenia chybujúcej aplikácie: 0x01daf581440c3f6c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 141865d5-7257-4437-a9a9-ec1db295b1d3
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (08/23/2024 07:08:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.4355, časová značka: 0xebbe3963
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.4717, časová značka: 0x16b0a901
Kód výnimky: 0x8000ffff
Odstup chyby: 0x0000000000132fb2
Identifikácia chybujúceho procesu: 0x29c8
Čas spustenia chybujúcej aplikácie: 0x01daf57f1402cdb7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 254c9fe1-f23c-42a7-9164-734e3e9dbca2
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (08/19/2024 04:16:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.4355, časová značka: 0xebbe3963
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.4717, časová značka: 0x16b0a901
Kód výnimky: 0x8000ffff
Odstup chyby: 0x0000000000132fb2
Identifikácia chybujúceho procesu: 0x20c0
Čas spustenia chybujúcej aplikácie: 0x01daf1ddce07ae09
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 386c25fa-dea9-40f5-8ce7-5d77e9c9428d
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (08/18/2024 09:35:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Launcher.exe_unknown, verzia: 0.0.0.0, časová značka: 0x66bd26b5
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.3636, časová značka: 0x81cf5d89
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000007286e
Identifikácia chybujúceho procesu: 0x96c
Čas spustenia chybujúcej aplikácie: 0x01daf19e13915d10
Cesta chybujúcej aplikácie: C:\Users\PC1\Desktop\Mody\Launcher.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: 4d80b59a-7ba2-495c-9a9b-5c04ee490538
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/18/2024 08:37:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wwahost.exe, verzia: 10.0.19041.4355, časová značka: 0xebbe3963
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.4717, časová značka: 0x16b0a901
Kód výnimky: 0x8000ffff
Odstup chyby: 0x0000000000132fb2
Identifikácia chybujúceho procesu: 0x208c
Čas spustenia chybujúcej aplikácie: 0x01daf19da59ef9b8
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wwahost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: fedc6aae-79f3-44fa-93fb-df18bb2578f0
Celé meno chybujúceho balíka: Microsoft.Windows.CloudExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (08/18/2024 06:48:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress..

Error: (08/18/2024 06:48:14 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.]

Error: (08/18/2024 06:10:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Launcher.exe_unknown, verzia: 0.0.0.0, časová značka: 0x66bd26b5
Názov chybujúceho modulu: ucrtbase.dll, verzia: 10.0.19041.3636, časová značka: 0x81cf5d89
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000007286e
Identifikácia chybujúceho procesu: 0x3b30
Čas spustenia chybujúcej aplikácie: 0x01daf17dbbb03d49
Cesta chybujúcej aplikácie: C:\Users\PC1\Desktop\Mody\Launcher.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\ucrtbase.dll
Identifikácia hlásenia: c9267387-5dc3-45b0-ae2f-be1821d12b6e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (08/23/2024 07:26:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (08/23/2024 07:26:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Error: (08/23/2024 07:23:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:08:14 on ‎23. ‎8. ‎2024 was unexpected.

Error: (08/23/2024 07:10:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (08/23/2024 07:10:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Error: (08/19/2024 04:18:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (08/19/2024 04:18:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Služba Google Update (gupdate) bol dosiahnutý časový limit (120000 ms).

Error: (08/18/2024 08:40:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NORVJE6)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2024-08-11 19:38:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-07-19 21:40:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-07-14 15:04:25
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-07-13 20:31:03
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-07-12 18:31:46
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Event[0]:

Date: 2023-12-24 13:53:54
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.403.1028.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.23110.2
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2023-04-30 17:12:45
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence and will attempt to revert to a previous version.
Security intelligence Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Security intelligence Version: 0.0.0.0;0.0.0.0
Engine Version: 0.0.0.0

CodeIntegrity:
===============
Date: 2024-08-23 19:26:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2.L0 01/22/2019
Motherboard: MSI B350M GAMING PRO (MS-7A39)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 42%
Total physical RAM: 16335.13 MB
Available physical RAM: 9346.05 MB
Total Virtual: 26063.13 MB
Available Virtual: 16314.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.07 GB) (Free:28.48 GB) (Model: WDC WDS240G2G0B-00EPW0) NTFS
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:168.86 GB) (Model: WDC WD10EZEX-08WN4A0) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{33d4e0ca-0000-0000-0000-90c437000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D0D77719)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 223.6 GB) (Disk ID: 33D4E0CA)
Partition 1: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)

==================== End of Addition.txt =======================

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 19:06
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:

AlternateDataStreams: C:\Users\PC1\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [PC1] => cmd.exe /c start www.exinariuminix.info (No File) <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup.exe"
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.Exe: [VerifierDlls] SppExtComObjHook.dll
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4FB3A957-445C-4EFB-A0F8-0C00CB583A0E} - System32\Tasks\PC1 => C:\WINDOWS\system32\cmd.exe [289792 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC1 /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info" <==== ATTENTION
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2023-04-04] <==== ATTENTION

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 19:57
od PureHate44
Fix result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by PC1 (23-08-2024 20:53:19) Run:3
Running from C:\Users\PC1\Desktop
Loaded Profiles: PC1
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

AlternateDataStreams: C:\Users\PC1\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\PC1\Documents\tata.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\Run: [PC1] => cmd.exe /c start www.exinariuminix.info (No File) <==== ATTENTION
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\...\MountPoints2: {283cab94-2c81-11ea-925c-309c239b7301} - "F:\setup.exe"
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.Exe: [VerifierDlls] SppExtComObjHook.dll
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {4FB3A957-445C-4EFB-A0F8-0C00CB583A0E} - System32\Tasks\PC1 => C:\WINDOWS\system32\cmd.exe [289792 2024-05-17] (Microsoft Windows -> Microsoft Corporation) -> /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v PC1 /t REG_SZ /d "cmd.exe /c start www.exinariuminix.info" <==== ATTENTION
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2023-04-04] <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Users\PC1\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\PC1\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
C:\Users\PC1\Documents\tata.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\PC1\Documents\tata.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\Software\Microsoft\Windows\CurrentVersion\Run\\PC1" => removed successfully
HKU\S-1-5-21-3805889190-2908880830-1705731779-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{283cab94-2c81-11ea-925c-309c239b7301} => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\osppsvc.exe => removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.Exe => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4FB3A957-445C-4EFB-A0F8-0C00CB583A0E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FB3A957-445C-4EFB-A0F8-0C00CB583A0E}" => removed successfully
C:\WINDOWS\System32\Tasks\PC1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC1" => removed successfully
C:\WINDOWS\SysWOW64\version_IObitDel.dll => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37022646 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 490209973 B
Windows/system/drivers => 3589666 B
Edge => 0 B
Chrome => 176254077 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
PC1 => 313789764 B

RecycleBin => 4325392 B
EmptyTemp: => 977.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:53:38 ====

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 20:45
od Rudy
Smazáno. Zlepšil se chod PC?

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 23 srp 2024 21:48
od PureHate44
Je to o dosť lepšíe.....Ďakujem :)))

Re: poprosim kontrolu logu (spomaleny až zasekany PC)

Napsal: 24 srp 2024 10:03
od Rudy
Nemáte zač! :-)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz