Log check
Posted: 26 Nov 2024 18:25
Hello,
please check my log because of strange Windows behaviour. After startup a message pops up saying MicrosoftEdgeUpdateCore.exe execution failure etc... The icon in the taskbar belongs, as far as I could find out, to AutoIt v3 Script; I don't know what it is for, but I read that it may be malware. Since this error message started appearing, the screen goes black for about 2 seconds after startup and then everything returns to normal. Also since then Edge, which I have never used, has started pushing itself everywhere. So please check the log. Thank you very much
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2024
Ran by Sysel (administrator) on DESKTOP-SRFASFD (Gigabyte Technology Co., Ltd. H310M S2 2.0) (26-11-2024 18:07:18)
Running from C:\Users\Sysel\Desktop\FRST64.exe
Loaded Profiles: Sysel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [YKB 3000 Gaming Keyboard Driver] => C:\Program Files\YKB 3000\YKB 3000 Gaming Keyboard Driver.exe [2039808 2020-11-25] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\Sysel\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (No File)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\RunOnce: [ebhhaeg] => C:\hbcfbdf\AutoIt3.exe [943784 2024-11-02] (AutoIt Consulting Ltd -> AutoIt Team) <==== ATTENTION
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Sysel\Desktop\Fliqlo.scr
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {8CE631C0-84D4-4268-94B7-0997DC47E758} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {2B329831-E56C-4318-AE81-88C4F2E99F32} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{04C9A83E-8D4D-4955-9931-D01609CBAEF4} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {DFB16853-632C-4EBE-9ACC-89BB636412A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82686FD0-078D-4678-A446-C2CD0A26E58A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A16C8AE8-6669-4C34-90B2-CB35C61E0AE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {303F1604-45A3-4FCB-9B9A-29DA48A6422A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC1F552-1A1F-4890-8CA8-F64E1BB4B71F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1071760 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5E91275C-A9EF-4879-9BAA-122C513DB5F7} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C350D121-2E30-49DD-879E-848F36BEC3CD} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92B46CD6-86BB-4371-85B3-38DA420599B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4820E98F-546D-4524-ACF1-DD6817B31658} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2ef07428-8c3a-4cc7-a4ec-a24488856898}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpDomain] docsis.vodafone.cz
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343D25374: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default [2024-11-26]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-03]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-26]
CHR Extension: (Violentmonkey) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-11-03]
CHR Extension: (Morpheon Dark) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-27]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-27]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Launcher\RockstarService.exe [2332976 2021-10-24] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2023-11-13] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKslf395a729; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7521CACC-CAFE-49DA-8301-6E1658E11F52}\MpKslDrv.sys [267552 2024-11-25] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RTCore64; D:\Programy\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-26 18:07 - 2024-11-26 18:07 - 000015795 _____ C:\Users\Sysel\Desktop\FRST.txt
2024-11-26 18:06 - 2024-11-26 18:06 - 002402816 _____ (Farbar) C:\Users\Sysel\Desktop\FRST64.exe
2024-11-17 17:35 - 2024-11-17 17:42 - 000000000 ____D C:\Users\Sysel\Documents\Assassin's Creed Mirage
2024-11-17 12:34 - 2024-11-17 17:51 - 000000111 _____ C:\Output.txt
2024-11-17 12:28 - 2024-11-17 12:28 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-17 12:28 - 2024-11-08 01:29 - 003074088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-11-17 12:28 - 2024-11-08 01:29 - 002369064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-11-15 17:54 - 2024-11-15 17:54 - 000000000 ___HD C:\$WinREAgent
2024-11-11 17:28 - 2024-11-11 17:28 - 007826444 _____ C:\Users\Sysel\Documents\DESKTOP-SRFASFD.arn
2024-11-02 17:38 - 2024-11-02 17:38 - 023848001 _____ C:\Users\Sysel\Desktop\sims-4-updater-v1.4.1.exe
2024-11-02 15:14 - 2024-11-02 15:14 - 000000000 ___HD C:\temp
2024-11-02 15:14 - 2024-11-02 15:14 - 000000000 ___HD C:\hbcfbdf
2024-11-02 15:12 - 2024-11-02 15:12 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\danc
2024-10-30 19:04 - 2024-10-30 19:04 - 000000851 _____ C:\Users\Public\Desktop\Until Dawn.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-26 18:07 - 2024-08-27 16:23 - 000000000 ____D C:\FRST
2024-11-26 18:05 - 2021-04-15 18:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-25 22:36 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-11-25 20:11 - 2023-11-11 08:55 - 000000757 _____ C:\Users\Sysel\Desktop\TS4_x64 (always offline).lnk
2024-11-25 20:11 - 2022-06-13 17:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\CrashDumps
2024-11-24 23:00 - 2021-04-15 17:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-24 13:29 - 2021-12-18 17:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-24 13:28 - 2020-09-27 08:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-24 13:21 - 2021-04-15 17:43 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 13:21 - 2021-04-15 17:43 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 12:31 - 2021-04-15 18:36 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-24 12:31 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-22 19:24 - 2020-11-18 17:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-19 20:21 - 2021-04-15 18:35 - 000000000 ____D C:\WINDOWS\INF
2024-11-18 17:43 - 2021-04-15 17:52 - 000000000 ____D C:\Users\Sysel\AppData\Local\D3DSCache
2024-11-18 17:32 - 2021-04-15 18:37 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-18 17:32 - 2021-04-15 18:37 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-18 17:32 - 2021-04-15 17:53 - 001693568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-18 17:29 - 2023-10-07 15:01 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-11-18 17:27 - 2023-07-15 19:50 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-11-18 17:27 - 2021-04-15 18:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-11-18 17:27 - 2021-04-15 17:42 - 000404104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-18 17:27 - 2021-04-15 17:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-18 17:27 - 2020-09-27 06:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-18 17:26 - 2023-10-07 14:55 - 000000000 ____D C:\Program Files\Hyper-V
2024-11-18 17:26 - 2023-07-15 20:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-17 15:16 - 2020-12-31 11:43 - 000000000 ____D C:\Users\Sysel\Documents\The Witcher 3
2024-11-17 14:43 - 2022-02-27 18:48 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\qBittorrent
2024-11-17 12:31 - 2021-09-01 12:04 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA Corporation
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-11-17 12:28 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-11-17 12:28 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-11-15 18:05 - 2021-04-15 18:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-15 18:02 - 2021-04-15 17:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-15 17:53 - 2021-04-17 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-15 17:51 - 2021-04-17 14:31 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-11 17:48 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\appcompat
2024-11-08 01:29 - 2023-07-15 20:09 - 000270888 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-11-08 01:29 - 2023-07-15 20:09 - 000245288 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-11-08 01:09 - 2024-08-24 19:32 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-11-08 01:09 - 2024-08-24 19:32 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-11-08 01:08 - 2024-08-24 19:32 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2024-11-02 17:42 - 2022-08-28 10:27 - 000000000 ____D C:\Users\Sysel\AppData\Local\anadius
2024-11-02 15:12 - 2020-11-29 17:52 - 000000000 ____D C:\Users\Sysel\Documents\My Games
2024-10-31 21:29 - 2021-04-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-10-30 15:19 - 2021-02-21 19:46 - 000000839 _____ C:\Users\Sysel\Desktop\Grand Theft Auto V.lnk
2024-10-27 18:15 - 2020-12-31 15:10 - 000000919 _____ C:\Users\Sysel\Desktop\Assassins Creed Origins.lnk
2024-10-27 10:45 - 2024-09-24 20:33 - 000000000 ____D C:\Users\Sysel\Desktop\sims saves
==================== Files in the root of some directories ========
2022-07-25 20:38 - 2022-07-27 11:02 - 000000813 _____ () C:\Users\Sysel\AppData\Roaming\DESKTOP-SRFASFD.MTBF.txt
2021-05-01 18:41 - 2021-05-01 18:46 - 000012288 _____ () C:\Users\Sysel\AppData\Roaming\emp.bin
2023-11-10 10:28 - 2023-11-10 10:35 - 000000016 _____ () C:\Users\Sysel\AppData\Roaming\msregsvv.dll
2023-07-15 21:27 - 2023-07-15 21:27 - 000000291 _____ () C:\Users\Sysel\AppData\Local\ledConfiguration.config
2023-07-15 21:27 - 2023-07-15 21:42 - 000000747 _____ () C:\Users\Sysel\AppData\Local\NvidiaLEDVisualizer.config
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by Sysel (26-11-2024 18:08:43)
Running from C:\Users\Sysel\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2021-04-15 16:52:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-11058042-1712766284-1418202981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-11058042-1712766284-1418202981-503 - Limited - Disabled)
Guest (S-1-5-21-11058042-1712766284-1418202981-501 - Limited - Disabled)
Sysel (S-1-5-21-11058042-1712766284-1418202981-1001 - Administrator - Enabled) => C:\Users\Sysel
WDAGUtilityAccount (S-1-5-21-11058042-1712766284-1418202981-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
Aplikace NVIDIA 11.0.1.163 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.163 - NVIDIA Corporation)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1085 - AB Team, d.o.o.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CustomsForge Song Manager - Latest Build 1.6.0.1 (HKLM-x32\...\58F35625-541C-493A-A289-4B2D362DAFE0_is1) (Version: 1.6.0.1 - CustomsForge)
Days Gone (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\FLT_Days Gone) (Version: - )
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Geeks3D FurMark 1.25.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.25.1.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.0.3 - Native Instruments & Team V.R)
INDIKA - CZ (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\INDIKA - CZ) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{456B5CCF-722F-4AC9-9490-3C9FCADEEEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{AD1C4C82-ED20-4DD6-A5BA-DA8748D1AF98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B8179F2A-010B-4F9C-AFA1-FB38E4D387A8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BAA8CB3F-7E98-4064-8ED5-3C116C15EF13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{E22D7631-A5A7-4483-9E20-7C91E447B94C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Life is Strange 2 (HKLM-x32\...\Life is Strange 2_is1) (Version: 0.0.0 - DODI-Repacks)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.63 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Modern Warfare Remastered v.1.15.1251288.0 (HKLM-x32\...\{6033673D-2930-7711-3AD2-EB059FC263F9}_is1) (Version: - RePack by Canek77)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.70 - MSI)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.03 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paint Shop Pro 7 ESD (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.0 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.49.529 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Sapphire TRIXX 8.6.0 (HKLM-x32\...\{49272457-BEDE-4A3A-808F-7BBD4840E85B}_is1) (Version: 8.6.0 - Sapphire)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Sims 4 Mod Manager version b1.0.9 (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\{0A555FCD-A8E3-47F6-B776-033D8017BFDC}_is1) (Version: b1.0.9 - GameTimeDev)
The Quarry (HKLM-x32\...\The Quarry_is1) (Version: - )
The Quarry CZ (HKLM-x32\...\The Quarry CZ) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.99.305.1020 - Electronic Arts Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.02_Hotfix - GOG.com)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Until Dawn (HKLM-x32\...\Until Dawn_is1) (Version: - )
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Wondershare Filmora 11(Build 11.0.10.2) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YKB 3000 Gaming Keyboard Driver (HKLM-x32\...\YKB 3000 Gaming Keyboard Driver) (Version: V1.01n - YENKEE)
Chrome apps:
============
YouTube Music (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\7d0759e527abc1afd161532a334cc2fe) (Version: 1.0 - Google\Chrome)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-11-16] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-10-23] (NVIDIA Corp.)
Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2023-11-06] (Microsoft Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.235.0_x64__dt26b99r8h8gj [2023-06-10] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-11058042-1712766284-1418202981-1001_Classes\CLSID\{e1a7f602-67b7-44f7-ad19-439e41f06cd8}\localserver32 -> "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" -ToastActivated => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\nvshext.dll [2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
==================== Loaded Modules (Whitelisted) =============
2023-07-15 21:55 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-01-13 12:51 - 2020-01-13 12:51 - 000210432 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2019-10-22 01:16 - 2019-10-22 01:16 - 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-11-06 13:09 - 2019-11-06 13:09 - 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-06-28 09:51 - 2019-06-28 09:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2023-07-15 21:55 - 2018-11-14 22:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\MysticLight\IcMSIDll.dll
2021-04-16 17:07 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-11-17 12:28 - 2024-11-17 12:28 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-11-17 12:28 - 2024-11-17 12:28 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2023-07-15 21:55 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-04-15 18:36 - 2024-08-27 18:05 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2023-10-07 15:01 - 2024-11-18 17:29 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.192.1 DESKTOP-SRFASFD.mshome.net # 2029 11 6 17 16 29 45 403
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sysel\Pictures\wallpaper-mania.com_High_resolution_wallpaper_background_ID_77700001659.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi 3: TP-Link Wireless USB Adapter -> rtwlanu.sys
vEthernet (Default Switch): Hyper-V Virtual Ethernet Adapter -> VmsProxyHNic.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_vfpext: Microsoft Azure VFP Switch Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "YKB 3000 Gaming Keyboard Driver"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C4C5FBC2-D058-4C3E-B956-5616A11F3565}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A28D871-FD36-4243-9651-597AA33A826C}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F7B0B944-B267-4D80-8CE6-B94DF75B746D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BF9B97D-51F3-43BF-977E-6E9CFFE0B487}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{762B8DC1-B6F3-4217-B868-6BBFB2501B58}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{FC341532-D3FA-489F-A0CC-C86EF585F0A6}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{689E6190-A0CF-4D0A-A189-761E02E1D4CE}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{559DB2A7-0A44-49A4-9716-FCCA6F92DEB6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{C694B2A3-AA51-49DC-9847-00A31CC018F9}] => (Allow) LPort=1542
FirewallRules: [{EFA625FA-4A5C-46C3-B8B4-A200C5470FBF}] => (Allow) LPort=1542
FirewallRules: [{37153D3B-B556-4E1C-A738-820CC63E772D}] => (Allow) LPort=53
FirewallRules: [{CBF19A06-A456-4C54-A371-FA3CF28E4C53}] => (Allow) LPort=53
FirewallRules: [{7BA01785-BBEC-4FDD-B5CD-77582B42636E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CFAB22-6647-421B-A7A2-5AF6B3236466}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4EB754EA-5E5F-4955-A908-A1D2FC9C2D57}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BFE63AB1-9C3B-4360-B4D4-4C0E3877C37A}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{206093AF-1F37-4FBA-85A3-FCEAE906ADC7}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{6D4EF899-4E64-45BD-BFE6-C0527007AD17}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{B8B7503B-D1BF-4419-BD3A-6E1899DD18D7}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{2FF3FAE1-F2A3-44A5-A6CA-D49B8CE54C74}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [{9E8A40A0-10E9-41F0-92F6-FE2AD5C5DF89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E7323F3B-BF56-47EC-A91C-2487934CC1C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{113875F6-83C9-4690-A0F7-ED6E88B666F7}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [UDP Query User{8DFE5DD2-F82F-4F80-9802-979E63EFBB3D}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [TCP Query User{316CBD2F-67BA-4B56-B721-2E05AE7D3660}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe => No File
FirewallRules: [UDP Query User{250F37B0-B3EB-4D05-80F9-96A2A1DB09C2}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe => No File
FirewallRules: [TCP Query User{D979709A-D374-4383-B30A-648D667F76C3}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E1D70A88-B79B-48DF-8D79-8F10FE670566}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{5CB9EF81-8469-44F0-A6CF-78F394BB2FE5}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{5352F5E2-7DC8-4569-9AD6-1829C15337EE}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe => No File
FirewallRules: [{F0E3DC85-5C4B-43EF-AF1A-827DA713744F}] => (Block) F:\warthunder\launcher.exe => No File
FirewallRules: [{4400C81F-418C-4FDB-9ACC-389B3AABC93F}] => (Block) F:\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{C00B1D58-93E6-4AD5-AFEE-25910E13EE3E}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{E760827B-6D97-4D9F-A654-02F8CBC7A484}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{A4805F95-866C-469E-89BC-FEEEE08E3064}] => (Block) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{AC1B2455-B576-4554-ADD9-13BC02AC97E6}] => (Block) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{9AC72441-5C34-4BE5-92EB-601AD4350D8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA9B5064-7DAC-4B58-8CFD-CCEAC84ED890}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD794101-1E14-4856-B076-A80E5AC2707C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C27E85E-86D2-49AC-BC02-2F9E0E6EBDA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F90A7E2E-5A20-4311-AE7E-A297BD58BA00}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3405049-8C8E-44FA-A8BE-BDDD7F810D91}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90763C9C-EB48-4D90-95D8-ADEE8B04D92B}] => (Allow) LPort=26820
FirewallRules: [{FE7D018A-EDCF-4EE5-94EB-120C29D965E8}] => (Allow) LPort=26822
==================== Restore Points =========================
07-11-2024 18:40:13 Naplánovaný kontrolní bod
15-11-2024 17:53:42 Instalační služba modulů systému Windows
24-11-2024 13:23:58 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/25/2024 08:11:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Název chybujícího modulu: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000535d57
ID chybujícího procesu: 0x20fc
Čas spuštění chybující aplikace: 0x01db3f6c4d04ef83
Cesta k chybující aplikaci: F:\The Sims 4\Game\Bin\TS4_x64.exe
Cesta k chybujícímu modulu: F:\The Sims 4\Game\Bin\TS4_x64.exe
ID zprávy: f8b1d33a-cdc4-438f-9aba-767e5754df65
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/22/2024 10:20:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/22/2024 09:54:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/17/2024 03:22:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro F:\Grim Dawn\crashreporter.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.
Error: (11/17/2024 12:28:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.40.3345.4032, časové razítko: 0x653a1567
Název chybujícího modulu: nvcontainer.exe, verze: 1.40.3345.4032, časové razítko: 0x653a1567
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000094e05
ID chybujícího procesu: 0x1238
Čas spuštění chybující aplikace: 0x01db3456cd7ce14e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
ID zprávy: 4574a44b-e1ed-47b3-b1cb-00213eb5a8b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/17/2024 12:17:57 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942593.
Error: (11/17/2024 12:17:57 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 193.
Error: (11/16/2024 10:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Název chybujícího modulu: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001cf4338
ID chybujícího procesu: 0x3418
Čas spuštění chybující aplikace: 0x01db386c92cab5ac
Cesta k chybující aplikaci: F:\The Sims 4\Game\Bin\TS4_x64.exe
Cesta k chybujícímu modulu: F:\The Sims 4\Game\Bin\TS4_x64.exe
ID zprávy: 845646a3-da0a-4b0e-99ee-02e20fd4c06f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/26/2024 05:46:43 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/25/2024 08:11:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2024 08:01:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2024 07:07:26 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/24/2024 09:48:47 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/24/2024 07:30:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/24/2024 02:57:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/24/2024 12:46:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2024-11-24 13:24:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6B2158AA-5A57-48F0-AE81-EB6EDFD489E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-22 21:54:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {00CF20B6-144E-45C6-9045-6935D59C4168}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-22 19:06:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D93E7028-84D0-47B0-A123-C048520CD8CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-18 16:40:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {34C848A3-5B4B-495C-82BA-7FE09E372C72}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-17 00:31:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D6BAAFF3-6660-4BA0-9058-09B3FC23D4CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2024-09-08 09:30:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-09-08 09:28:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-09-08 09:21:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-08-29 15:27:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.417.359.0;1.417.359.0
Verze modulu: 1.1.24070.3
Date: 2024-08-29 15:27:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.417.375.0;1.417.375.0
Verze modulu: 1.1.24070.3
CodeIntegrity:
===============
Date: 2024-08-29 15:31:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Programy\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-08-29 15:30:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Programy\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F12 08/13/2019
Motherboard: Gigabyte Technology Co., Ltd. H310M S2 2.0
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16328.12 MB
Available physical RAM: 10573.07 MB
Total Virtual: 18760.12 MB
Available Virtual: 12188.28 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:118.7 GB) (Free:10.38 GB) (Model: Apacer AS350 128GB) NTFS
Drive d: (Instalace) (Fixed) (Total:931.5 GB) (Free:442.47 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:286.63 GB) (Model: WDC WD5000AAKX-60U6AA0) NTFS
Drive f: (Gaming) (Fixed) (Total:953.87 GB) (Free:719.47 GB) (Model: Verbatim Vi550 S3) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-40b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
I'd like to ask for a log check because of strange Windows behaviour. After startup a message pops up saying MicrosoftEdgeUpdateCore.exe execution failure, etc. The tray icon turned out to belong to AutoIt v3 Script; I don't know what it is for, but I have read that it can be malware. Since this error message started appearing, the screen goes black for about 2 seconds after startup and then everything returns to normal. Also, since then Edge, which I have never used, has started pushing itself everywhere. So please check the log. Thank you very much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2024
Ran by Sysel (administrator) on DESKTOP-SRFASFD (Gigabyte Technology Co., Ltd. H310M S2 2.0) (26-11-2024 18:07:18)
Running from C:\Users\Sysel\Desktop\FRST64.exe
Loaded Profiles: Sysel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <22>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [YKB 3000 Gaming Keyboard Driver] => C:\Program Files\YKB 3000\YKB 3000 Gaming Keyboard Driver.exe [2039808 2020-11-25] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\Sysel\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (No File)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-11-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\RunOnce: [ebhhaeg] => C:\hbcfbdf\AutoIt3.exe [943784 2024-11-02] (AutoIt Consulting Ltd -> AutoIt Team) <==== ATTENTION
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Sysel\Desktop\Fliqlo.scr
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {8CE631C0-84D4-4268-94B7-0997DC47E758} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {2B329831-E56C-4318-AE81-88C4F2E99F32} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{04C9A83E-8D4D-4955-9931-D01609CBAEF4} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {DFB16853-632C-4EBE-9ACC-89BB636412A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {82686FD0-078D-4678-A446-C2CD0A26E58A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A16C8AE8-6669-4C34-90B2-CB35C61E0AE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {303F1604-45A3-4FCB-9B9A-29DA48A6422A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC1F552-1A1F-4890-8CA8-F64E1BB4B71F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1071760 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5E91275C-A9EF-4879-9BAA-122C513DB5F7} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {C350D121-2E30-49DD-879E-848F36BEC3CD} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3333672 2024-11-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92B46CD6-86BB-4371-85B3-38DA420599B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4820E98F-546D-4524-ACF1-DD6817B31658} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2ef07428-8c3a-4cc7-a4ec-a24488856898}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpDomain] docsis.vodafone.cz
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343D25374: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-26]
Edge Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default [2024-11-26]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-03]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-26]
CHR Extension: (Violentmonkey) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-11-03]
CHR Extension: (Morpheon Dark) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-27]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-27]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\Display.NvContainer\NVDisplay.Container.exe [1275024 2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Launcher\RockstarService.exe [2332976 2021-10-24] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2023-11-13] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKslf395a729; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7521CACC-CAFE-49DA-8301-6E1658E11F52}\MpKslDrv.sys [267552 2024-11-25] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RTCore64; D:\Programy\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-26 18:07 - 2024-11-26 18:07 - 000015795 _____ C:\Users\Sysel\Desktop\FRST.txt
2024-11-26 18:06 - 2024-11-26 18:06 - 002402816 _____ (Farbar) C:\Users\Sysel\Desktop\FRST64.exe
2024-11-17 17:35 - 2024-11-17 17:42 - 000000000 ____D C:\Users\Sysel\Documents\Assassin's Creed Mirage
2024-11-17 12:34 - 2024-11-17 17:51 - 000000111 _____ C:\Output.txt
2024-11-17 12:28 - 2024-11-17 12:28 - 000003834 _____ C:\WINDOWS\system32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-11-17 12:28 - 2024-11-08 01:29 - 003074088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-11-17 12:28 - 2024-11-08 01:29 - 002369064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-11-15 17:54 - 2024-11-15 17:54 - 000000000 ___HD C:\$WinREAgent
2024-11-11 17:28 - 2024-11-11 17:28 - 007826444 _____ C:\Users\Sysel\Documents\DESKTOP-SRFASFD.arn
2024-11-02 17:38 - 2024-11-02 17:38 - 023848001 _____ C:\Users\Sysel\Desktop\sims-4-updater-v1.4.1.exe
2024-11-02 15:14 - 2024-11-02 15:14 - 000000000 ___HD C:\temp
2024-11-02 15:14 - 2024-11-02 15:14 - 000000000 ___HD C:\hbcfbdf
2024-11-02 15:12 - 2024-11-02 15:12 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\danc
2024-10-30 19:04 - 2024-10-30 19:04 - 000000851 _____ C:\Users\Public\Desktop\Until Dawn.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-11-26 18:07 - 2024-08-27 16:23 - 000000000 ____D C:\FRST
2024-11-26 18:05 - 2021-04-15 18:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-25 22:36 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-11-25 20:11 - 2023-11-11 08:55 - 000000757 _____ C:\Users\Sysel\Desktop\TS4_x64 (always offline).lnk
2024-11-25 20:11 - 2022-06-13 17:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\CrashDumps
2024-11-24 23:00 - 2021-04-15 17:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-24 13:29 - 2021-12-18 17:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-24 13:28 - 2020-09-27 08:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-24 13:21 - 2021-04-15 17:43 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 13:21 - 2021-04-15 17:43 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 12:31 - 2021-04-15 18:36 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-24 12:31 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-22 19:24 - 2020-11-18 17:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-19 20:21 - 2021-04-15 18:35 - 000000000 ____D C:\WINDOWS\INF
2024-11-18 17:43 - 2021-04-15 17:52 - 000000000 ____D C:\Users\Sysel\AppData\Local\D3DSCache
2024-11-18 17:32 - 2021-04-15 18:37 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-18 17:32 - 2021-04-15 18:37 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-18 17:32 - 2021-04-15 17:53 - 001693568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-18 17:29 - 2023-10-07 15:01 - 000000446 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-11-18 17:27 - 2023-07-15 19:50 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-11-18 17:27 - 2021-04-15 18:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-11-18 17:27 - 2021-04-15 17:42 - 000404104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-18 17:27 - 2021-04-15 17:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-18 17:27 - 2020-09-27 06:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-11-18 17:26 - 2023-10-07 14:55 - 000000000 ____D C:\Program Files\Hyper-V
2024-11-18 17:26 - 2023-07-15 20:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-18 17:26 - 2021-04-15 18:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-17 15:16 - 2020-12-31 11:43 - 000000000 ____D C:\Users\Sysel\Documents\The Witcher 3
2024-11-17 14:43 - 2022-02-27 18:48 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\qBittorrent
2024-11-17 12:31 - 2021-09-01 12:04 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA Corporation
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-11-17 12:28 - 2023-07-15 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-11-17 12:28 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-11-17 12:28 - 2021-04-16 17:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-11-15 18:05 - 2021-04-15 18:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-15 18:02 - 2021-04-15 17:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-15 17:53 - 2021-04-17 14:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-15 17:51 - 2021-04-17 14:31 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-11 17:48 - 2021-04-15 18:36 - 000000000 ____D C:\WINDOWS\appcompat
2024-11-08 01:29 - 2023-07-15 20:09 - 000270888 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-11-08 01:29 - 2023-07-15 20:09 - 000245288 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-11-08 01:09 - 2024-08-24 19:32 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-11-08 01:09 - 2024-08-24 19:32 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-11-08 01:08 - 2024-08-24 19:32 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2024-11-02 17:42 - 2022-08-28 10:27 - 000000000 ____D C:\Users\Sysel\AppData\Local\anadius
2024-11-02 15:12 - 2020-11-29 17:52 - 000000000 ____D C:\Users\Sysel\Documents\My Games
2024-10-31 21:29 - 2021-04-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-10-30 15:19 - 2021-02-21 19:46 - 000000839 _____ C:\Users\Sysel\Desktop\Grand Theft Auto V.lnk
2024-10-27 18:15 - 2020-12-31 15:10 - 000000919 _____ C:\Users\Sysel\Desktop\Assassins Creed Origins.lnk
2024-10-27 10:45 - 2024-09-24 20:33 - 000000000 ____D C:\Users\Sysel\Desktop\sims saves
==================== Files in the root of some directories ========
2022-07-25 20:38 - 2022-07-27 11:02 - 000000813 _____ () C:\Users\Sysel\AppData\Roaming\DESKTOP-SRFASFD.MTBF.txt
2021-05-01 18:41 - 2021-05-01 18:46 - 000012288 _____ () C:\Users\Sysel\AppData\Roaming\emp.bin
2023-11-10 10:28 - 2023-11-10 10:35 - 000000016 _____ () C:\Users\Sysel\AppData\Roaming\msregsvv.dll
2023-07-15 21:27 - 2023-07-15 21:27 - 000000291 _____ () C:\Users\Sysel\AppData\Local\ledConfiguration.config
2023-07-15 21:27 - 2023-07-15 21:42 - 000000747 _____ () C:\Users\Sysel\AppData\Local\NvidiaLEDVisualizer.config
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by Sysel (26-11-2024 18:08:43)
Running from C:\Users\Sysel\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5131 (X64) (2021-04-15 16:52:26)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-11058042-1712766284-1418202981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-11058042-1712766284-1418202981-503 - Limited - Disabled)
Guest (S-1-5-21-11058042-1712766284-1418202981-501 - Limited - Disabled)
Sysel (S-1-5-21-11058042-1712766284-1418202981-1001 - Administrator - Enabled) => C:\Users\Sysel
WDAGUtilityAccount (S-1-5-21-11058042-1712766284-1418202981-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
Aplikace NVIDIA 11.0.1.163 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.1.163 - NVIDIA Corporation)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1085 - AB Team, d.o.o.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CustomsForge Song Manager - Latest Build 1.6.0.1 (HKLM-x32\...\58F35625-541C-493A-A289-4B2D362DAFE0_is1) (Version: 1.6.0.1 - CustomsForge)
Days Gone (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\FLT_Days Gone) (Version: - )
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Geeks3D FurMark 1.25.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.25.1.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.0.3 - Native Instruments & Team V.R)
INDIKA - CZ (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\INDIKA - CZ) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{456B5CCF-722F-4AC9-9490-3C9FCADEEEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{AD1C4C82-ED20-4DD6-A5BA-DA8748D1AF98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B8179F2A-010B-4F9C-AFA1-FB38E4D387A8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BAA8CB3F-7E98-4064-8ED5-3C116C15EF13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{E22D7631-A5A7-4483-9E20-7C91E447B94C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Life is Strange 2 (HKLM-x32\...\Life is Strange 2_is1) (Version: 0.0.0 - DODI-Repacks)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.63 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Modern Warfare Remastered v.1.15.1251288.0 (HKLM-x32\...\{6033673D-2930-7711-3AD2-EB059FC263F9}_is1) (Version: - RePack by Canek77)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.70 - MSI)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA FrameView SDK 1.4.10624.35034762 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.4.10624.35034762 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.03 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.03 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paint Shop Pro 7 ESD (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.0 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.49.529 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Sapphire TRIXX 8.6.0 (HKLM-x32\...\{49272457-BEDE-4A3A-808F-7BBD4840E85B}_is1) (Version: 8.6.0 - Sapphire)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Sims 4 Mod Manager version b1.0.9 (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\{0A555FCD-A8E3-47F6-B776-033D8017BFDC}_is1) (Version: b1.0.9 - GameTimeDev)
The Quarry (HKLM-x32\...\The Quarry_is1) (Version: - )
The Quarry CZ (HKLM-x32\...\The Quarry CZ) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.99.305.1020 - Electronic Arts Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.02_Hotfix - GOG.com)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Until Dawn (HKLM-x32\...\Until Dawn_is1) (Version: - )
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
Wondershare Filmora 11(Build 11.0.10.2) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YKB 3000 Gaming Keyboard Driver (HKLM-x32\...\YKB 3000 Gaming Keyboard Driver) (Version: V1.01n - YENKEE)
Chrome apps:
============
YouTube Music (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\7d0759e527abc1afd161532a334cc2fe) (Version: 1.0 - Google\Chrome)
Packages:
=========
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-11-16] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-10-23] (NVIDIA Corp.)
Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2023-11-06] (Microsoft Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.235.0_x64__dt26b99r8h8gj [2023-06-10] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-11058042-1712766284-1418202981-1001_Classes\CLSID\{e1a7f602-67b7-44f7-ad19-439e41f06cd8}\localserver32 -> "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" -ToastActivated => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ab3196e1830c9b6c\nvshext.dll [2024-10-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2010-11-23] (Electronic Arts -> On2.com)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
==================== Loaded Modules (Whitelisted) =============
2023-07-15 21:55 - 2017-08-02 13:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-01-13 12:51 - 2020-01-13 12:51 - 000210432 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2019-10-22 01:16 - 2019-10-22 01:16 - 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-11-06 13:09 - 2019-11-06 13:09 - 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-06-28 09:51 - 2019-06-28 09:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2023-07-15 21:55 - 2018-11-14 22:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\MysticLight\IcMSIDll.dll
2021-04-16 17:07 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2024-11-17 12:28 - 2024-11-17 12:28 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\PlugIns\NVIDIA app\MessageBusRouter.dll] C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\PlugIns\NVIDIA Overlay\MessageBusRouter.dll
2024-11-17 12:28 - 2024-11-17 12:28 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2023-07-15 21:55 - 2016-10-03 12:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-04-15 18:36 - 2024-08-27 18:05 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2023-10-07 15:01 - 2024-11-18 17:29 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.26.192.1 DESKTOP-SRFASFD.mshome.net # 2029 11 6 17 16 29 45 403
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sysel\Pictures\wallpaper-mania.com_High_resolution_wallpaper_background_ID_77700001659.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi 3: TP-Link Wireless USB Adapter -> rtwlanu.sys
vEthernet (Default Switch): Hyper-V Virtual Ethernet Adapter -> VmsProxyHNic.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_vfpext: Microsoft Azure VFP Switch Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "YKB 3000 Gaming Keyboard Driver"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C4C5FBC2-D058-4C3E-B956-5616A11F3565}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A28D871-FD36-4243-9651-597AA33A826C}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F7B0B944-B267-4D80-8CE6-B94DF75B746D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BF9B97D-51F3-43BF-977E-6E9CFFE0B487}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{762B8DC1-B6F3-4217-B868-6BBFB2501B58}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{FC341532-D3FA-489F-A0CC-C86EF585F0A6}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{689E6190-A0CF-4D0A-A189-761E02E1D4CE}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{559DB2A7-0A44-49A4-9716-FCCA6F92DEB6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{C694B2A3-AA51-49DC-9847-00A31CC018F9}] => (Allow) LPort=1542
FirewallRules: [{EFA625FA-4A5C-46C3-B8B4-A200C5470FBF}] => (Allow) LPort=1542
FirewallRules: [{37153D3B-B556-4E1C-A738-820CC63E772D}] => (Allow) LPort=53
FirewallRules: [{CBF19A06-A456-4C54-A371-FA3CF28E4C53}] => (Allow) LPort=53
FirewallRules: [{7BA01785-BBEC-4FDD-B5CD-77582B42636E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CFAB22-6647-421B-A7A2-5AF6B3236466}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4EB754EA-5E5F-4955-A908-A1D2FC9C2D57}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BFE63AB1-9C3B-4360-B4D4-4C0E3877C37A}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{206093AF-1F37-4FBA-85A3-FCEAE906ADC7}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{6D4EF899-4E64-45BD-BFE6-C0527007AD17}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{B8B7503B-D1BF-4419-BD3A-6E1899DD18D7}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [UDP Query User{2FF3FAE1-F2A3-44A5-A6CA-D49B8CE54C74}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe => No File
FirewallRules: [{9E8A40A0-10E9-41F0-92F6-FE2AD5C5DF89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E7323F3B-BF56-47EC-A91C-2487934CC1C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{113875F6-83C9-4690-A0F7-ED6E88B666F7}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [UDP Query User{8DFE5DD2-F82F-4F80-9802-979E63EFBB3D}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [TCP Query User{316CBD2F-67BA-4B56-B721-2E05AE7D3660}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe => No File
FirewallRules: [UDP Query User{250F37B0-B3EB-4D05-80F9-96A2A1DB09C2}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe => No File
FirewallRules: [TCP Query User{D979709A-D374-4383-B30A-648D667F76C3}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E1D70A88-B79B-48DF-8D79-8F10FE670566}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{5CB9EF81-8469-44F0-A6CF-78F394BB2FE5}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe => No File
FirewallRules: [UDP Query User{5352F5E2-7DC8-4569-9AD6-1829C15337EE}F:\warthunder\launcher.exe] => (Allow) F:\warthunder\launcher.exe => No File
FirewallRules: [{F0E3DC85-5C4B-43EF-AF1A-827DA713744F}] => (Block) F:\warthunder\launcher.exe => No File
FirewallRules: [{4400C81F-418C-4FDB-9ACC-389B3AABC93F}] => (Block) F:\warthunder\launcher.exe => No File
FirewallRules: [TCP Query User{C00B1D58-93E6-4AD5-AFEE-25910E13EE3E}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe => No File
FirewallRules: [UDP Query User{E760827B-6D97-4D9F-A654-02F8CBC7A484}F:\warthunder\win64\aces.exe] => (Allow) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{A4805F95-866C-469E-89BC-FEEEE08E3064}] => (Block) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{AC1B2455-B576-4554-ADD9-13BC02AC97E6}] => (Block) F:\warthunder\win64\aces.exe => No File
FirewallRules: [{9AC72441-5C34-4BE5-92EB-601AD4350D8A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA9B5064-7DAC-4B58-8CFD-CCEAC84ED890}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD794101-1E14-4856-B076-A80E5AC2707C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C27E85E-86D2-49AC-BC02-2F9E0E6EBDA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F90A7E2E-5A20-4311-AE7E-A297BD58BA00}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E3405049-8C8E-44FA-A8BE-BDDD7F810D91}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{90763C9C-EB48-4D90-95D8-ADEE8B04D92B}] => (Allow) LPort=26820
FirewallRules: [{FE7D018A-EDCF-4EE5-94EB-120C29D965E8}] => (Allow) LPort=26822
==================== Restore Points =========================
07-11-2024 18:40:13 Naplánovaný kontrolní bod
15-11-2024 17:53:42 Instalační služba modulů systému Windows
24-11-2024 13:23:58 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/25/2024 08:11:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Název chybujícího modulu: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000535d57
ID chybujícího procesu: 0x20fc
Čas spuštění chybující aplikace: 0x01db3f6c4d04ef83
Cesta k chybující aplikaci: F:\The Sims 4\Game\Bin\TS4_x64.exe
Cesta k chybujícímu modulu: F:\The Sims 4\Game\Bin\TS4_x64.exe
ID zprávy: f8b1d33a-cdc4-438f-9aba-767e5754df65
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/22/2024 10:20:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/22/2024 09:54:04 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (11/17/2024 03:22:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro F:\Grim Dawn\crashreporter.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_a865f0c28672571c.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.4355_none_60b8b9eb71f62e16.manifest.
Error: (11/17/2024 12:28:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvcontainer.exe, verze: 1.40.3345.4032, časové razítko: 0x653a1567
Název chybujícího modulu: nvcontainer.exe, verze: 1.40.3345.4032, časové razítko: 0x653a1567
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000094e05
ID chybujícího procesu: 0x1238
Čas spuštění chybující aplikace: 0x01db3456cd7ce14e
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
ID zprávy: 4574a44b-e1ed-47b3-b1cb-00213eb5a8b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/17/2024 12:17:57 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1003) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo vyvolat poskytovatele jako odpověď na událost 256. Kód chyby 2147942593.
Error: (11/17/2024 12:17:57 PM) (Source: Microsoft-Windows-CertificateServicesClient) (EventID: 1001) (User: NT AUTHORITY)
Description: U klienta Certifikační služby se nezdařilo načíst poskytovatele pautoenr.dll. Kód chyby 193.
Error: (11/16/2024 10:21:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Název chybujícího modulu: TS4_x64.exe, verze: 1.110.294.1020, časové razítko: 0x671acc0a
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001cf4338
ID chybujícího procesu: 0x3418
Čas spuštění chybující aplikace: 0x01db386c92cab5ac
Cesta k chybující aplikaci: F:\The Sims 4\Game\Bin\TS4_x64.exe
Cesta k chybujícímu modulu: F:\The Sims 4\Game\Bin\TS4_x64.exe
ID zprávy: 845646a3-da0a-4b0e-99ee-02e20fd4c06f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/26/2024 05:46:43 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/25/2024 08:11:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2024 08:01:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/25/2024 07:07:26 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/24/2024 09:48:47 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/24/2024 07:30:48 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/24/2024 02:57:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/24/2024 12:46:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-SRFASFD)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2024-11-24 13:24:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6B2158AA-5A57-48F0-AE81-EB6EDFD489E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-22 21:54:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {00CF20B6-144E-45C6-9045-6935D59C4168}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-22 19:06:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D93E7028-84D0-47B0-A123-C048520CD8CC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-18 16:40:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {34C848A3-5B4B-495C-82BA-7FE09E372C72}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-11-17 00:31:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D6BAAFF3-6660-4BA0-9058-09B3FC23D4CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2024-09-08 09:30:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-09-08 09:28:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-09-08 09:21:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/Obfuscator.XZ
Závažnost: Vážné
Kategorie: Nástroj
Cesta: file:_G:\SOFTWARE\!!!CRACK!!!\rld.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen.
Verze bezpečnostních informací: AV: 1.417.569.0, AS: 1.417.569.0, NIS: 1.417.569.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Date: 2024-08-29 15:27:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.417.359.0;1.417.359.0
Verze modulu: 1.1.24070.3
Date: 2024-08-29 15:27:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.417.375.0;1.417.375.0
Verze modulu: 1.1.24070.3
CodeIntegrity:
===============
Date: 2024-08-29 15:31:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Programy\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2024-08-29 15:30:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Programy\mbamsi64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F12 08/13/2019
Motherboard: Gigabyte Technology Co., Ltd. H310M S2 2.0
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 16328.12 MB
Available physical RAM: 10573.07 MB
Total Virtual: 18760.12 MB
Available Virtual: 12188.28 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:118.7 GB) (Free:10.38 GB) (Model: Apacer AS350 128GB) NTFS
Drive d: (Instalace) (Fixed) (Total:931.5 GB) (Free:442.47 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:286.63 GB) (Model: WDC WD5000AAKX-60U6AA0) NTFS
Drive f: (Gaming) (Fixed) (Total:953.87 GB) (Free:719.47 GB) (Model: Verbatim Vi550 S3) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-40b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================