PUAbundler:win32/candyopen detected

syslos
Visitor
Posts: 15
Registered: 27 Aug 2024 16:26

#1 Post by syslos »

Hello, I would like to ask for help with removal. Defender did detect it, but it is still active. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by Sysel (administrator) on DESKTOP-SRFASFD (Gigabyte Technology Co., Ltd. H310M S2 2.0) (27-08-2024 17:23:48)
Running from C:\Users\Sysel\Desktop\FRST64.exe
Loaded Profiles: Sysel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [YKB 3000 Gaming Keyboard Driver] => C:\Program Files\YKB 3000\YKB 3000 Gaming Keyboard Driver.exe [2039808 2020-11-25] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Sysel\Desktop\Fliqlo.scr
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.122\Installer\chrmstp.exe [2024-08-27] (Google LLC -> Google LLC)
Startup: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Boom3D.lnk [2022-08-23]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (No File)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8CE631C0-84D4-4268-94B7-0997DC47E758} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {4ECED520-F214-4D6E-911C-47749677A34A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {527440DF-0BF9-411D-8A8E-BA4FE3136370} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe [7885824 2023-03-20] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {C8D667DD-43A3-4AB1-9012-BCC88151F93B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E347F493-28AA-4F45-9239-3D80BE308A3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {150E6AE8-AE84-474B-A219-69AF7712E695} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04BF5D9E-749E-4990-8DE7-C38F1F9F78FC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC1F552-1A1F-4890-8CA8-F64E1BB4B71F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1071760 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5E91275C-A9EF-4879-9BAA-122C513DB5F7} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {9146ADBE-171F-465B-9FB3-D23B03636733} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AF93ECCC-979A-44EB-AAA9-26CA56E57A66} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A161DD9-6B8B-4F85-B021-61B2158FA249} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {92B46CD6-86BB-4371-85B3-38DA420599B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4820E98F-546D-4524-ACF1-DD6817B31658} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A2B380C-7067-4C03-BF15-48E975114B31} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD94C078-18F4-4B42-A633-6608163CFD58} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6FDDF5C-2B2F-4B65-9098-2C5E214D013D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFEAD62-653A-43F3-96B5-8FB17B844F5A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{2ef07428-8c3a-4cc7-a4ec-a24488856898}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpDomain] docsis.vodafone.cz
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343D25374: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default [2024-08-27]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-01]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-24]
CHR Extension: (Violentmonkey) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-07-09]
CHR Extension: (Morpheon Dark) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-12-10]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\System Profile [2023-12-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Launcher\RockstarService.exe [2332976 2021-10-24] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522096 2024-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-10-09] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2023-11-13] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKslc9c61f34; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C39B907-B33A-4909-9617-0687C1C52CCD}\MpKslDrv.sys [271640 2024-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; D:\Programy\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
S3 TRIXX; \??\C:\Users\Sysel\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-27 17:43 - 2024-08-27 17:18 - 087556096 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-08-27 17:42 - 2024-08-27 17:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-08-27 17:23 - 2024-08-27 17:24 - 000018782 _____ C:\Users\Sysel\Desktop\FRST.txt
2024-08-27 17:23 - 2024-08-27 17:24 - 000000000 ____D C:\FRST
2024-08-27 17:23 - 2024-08-27 17:23 - 002397184 _____ (Farbar) C:\Users\Sysel\Desktop\FRST64.exe
2024-08-27 16:27 - 2024-08-27 16:27 - 000000889 _____ C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner(3).lnk
2024-08-24 20:32 - 2024-08-24 20:32 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-06-11 22:19 - 002900520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-08-24 20:32 - 2024-06-11 22:19 - 002231336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-08-24 20:32 - 2024-06-11 22:18 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-08-24 20:25 - 2024-08-24 20:25 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-08-24 20:22 - 2024-08-14 12:00 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-08-24 20:21 - 2024-08-15 03:31 - 025312928 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000477824 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000374936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 001078944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000669824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000505904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 002178712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001629312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001202712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001034400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 000856600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-08-24 20:21 - 2024-08-15 03:27 - 000796808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 014270088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 000461976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-08-24 20:21 - 2024-08-15 03:25 - 016200344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 006914184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005910152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005349000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 003788416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 000853128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-08-24 20:21 - 2024-08-15 03:24 - 007133024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-08-24 20:21 - 2024-08-15 03:24 - 006212736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-08-24 20:21 - 2024-08-14 12:00 - 000127247 _____ C:\WINDOWS\system32\nvinfo.pb
2024-08-24 20:16 - 2024-08-24 20:20 - 701110360 _____ (NVIDIA Corporation) C:\Users\Sysel\Desktop\560.94-desktop-win10-win11-64bit-international-dch-whql.exe
2024-08-24 19:37 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-08-24 19:37 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\Documents\Ghost of Tsushima DIRECTOR'S CUT
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Sucker Punch Productions
2024-08-24 18:59 - 2024-08-24 18:59 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\kebug
2024-08-24 14:57 - 2024-08-24 14:57 - 000106496 _____ (PCGameBenchmark) C:\Users\Sysel\Desktop\PCGameBenchmark_Detector.exe
2024-08-19 21:38 - 2024-08-19 21:38 - 000000000 ___HD C:\$WinREAgent
2024-08-12 18:55 - 2024-08-12 18:55 - 000000529 _____ C:\Users\Public\Desktop\The Last of Us - Part I.lnk
2024-08-12 18:53 - 2024-08-12 18:53 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Wise
2024-07-29 09:20 - 2024-07-29 09:20 - 000000405 _____ C:\Users\Public\Desktop\Grim Dawn.lnk
2024-07-28 14:54 - 2024-07-28 15:00 - 000000000 ____D C:\Users\Sysel\AppData\LocalLow\Stunlock Studios

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-27 17:21 - 2021-04-15 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-27 17:20 - 2023-10-07 16:01 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-08-27 17:19 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-27 17:18 - 2023-07-15 20:50 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-08-27 17:18 - 2021-04-15 19:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-08-27 17:18 - 2021-04-15 18:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-27 17:18 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-27 17:08 - 2021-04-15 19:37 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2024-08-27 17:08 - 2021-04-15 19:37 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2024-08-27 17:08 - 2021-04-15 19:35 - 000000000 ____D C:\WINDOWS\INF
2024-08-27 17:08 - 2021-04-15 18:53 - 001693568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-27 17:04 - 2021-04-15 20:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-08-27 16:55 - 2021-04-15 18:52 - 000000000 ____D C:\Users\Sysel\AppData\Local\D3DSCache
2024-08-27 16:35 - 2021-12-18 18:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-27 16:09 - 2020-11-18 18:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-25 16:03 - 2022-06-13 18:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\CrashDumps
2024-08-25 14:26 - 2021-09-01 13:04 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA Corporation
2024-08-24 21:45 - 2022-02-27 19:48 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\qBittorrent
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-08-24 20:32 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-15 19:23 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-24 20:25 - 2023-07-15 21:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-08-24 18:57 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-24 14:57 - 2020-09-27 09:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-22 21:20 - 2021-04-15 18:42 - 000404104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-22 21:19 - 2023-10-07 15:55 - 000000000 ____D C:\Program Files\Hyper-V
2024-08-22 21:19 - 2023-07-15 21:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-08-19 21:49 - 2021-04-15 19:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-19 21:45 - 2021-04-15 18:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-17 21:05 - 2021-04-17 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-17 21:03 - 2021-04-17 15:31 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-10 22:27 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-07-29 09:34 - 2020-11-29 18:52 - 000000000 ____D C:\Users\Sysel\Documents\My Games
2024-07-28 14:56 - 2022-06-04 15:41 - 000000000 ____D C:\ProgramData\Battle.net
2024-07-28 14:15 - 2021-04-15 18:43 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-28 14:15 - 2021-04-15 18:43 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2022-07-25 21:38 - 2022-07-27 12:02 - 000000813 _____ () C:\Users\Sysel\AppData\Roaming\DESKTOP-SRFASFD.MTBF.txt
2021-05-01 19:41 - 2021-05-01 19:46 - 000012288 _____ () C:\Users\Sysel\AppData\Roaming\emp.bin
2023-11-10 11:28 - 2023-11-10 11:35 - 000000016 _____ () C:\Users\Sysel\AppData\Roaming\msregsvv.dll
2022-07-25 21:56 - 2022-07-25 21:56 - 000003584 _____ () C:\Users\Sysel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-07-15 22:27 - 2023-07-15 22:27 - 000000291 _____ () C:\Users\Sysel\AppData\Local\ledConfiguration.config
2023-07-15 22:27 - 2023-07-15 22:42 - 000000747 _____ () C:\Users\Sysel\AppData\Local\NvidiaLEDVisualizer.config

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by Sysel (27-08-2024 17:25:12)
Running from C:\Users\Sysel\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) (2021-04-15 16:52:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-11058042-1712766284-1418202981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-11058042-1712766284-1418202981-503 - Limited - Disabled)
Guest (S-1-5-21-11058042-1712766284-1418202981-501 - Limited - Disabled)
Sysel (S-1-5-21-11058042-1712766284-1418202981-1001 - Administrator - Enabled) => C:\Users\Sysel
WDAGUtilityAccount (S-1-5-21-11058042-1712766284-1418202981-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1085 - AB Team, d.o.o.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CustomsForge Song Manager - Latest Build 1.6.0.1 (HKLM-x32\...\58F35625-541C-493A-A289-4B2D362DAFE0_is1) (Version: 1.6.0.1 - CustomsForge)
Days Gone (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\FLT_Days Gone) (Version: - )
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Geeks3D FurMark 1.25.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.25.1.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.122 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Grim Dawn (HKLM-x32\...\Grim Dawn_is1) (Version: - )
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.0.3 - Native Instruments & Team V.R)
Heavy Rain (HKLM-x32\...\Heavy Rain_is1) (Version: - )
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: 0.0.0 - DODI-Repacks)
INDIKA - CZ (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\INDIKA - CZ) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{456B5CCF-722F-4AC9-9490-3C9FCADEEEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{AD1C4C82-ED20-4DD6-A5BA-DA8748D1AF98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B8179F2A-010B-4F9C-AFA1-FB38E4D387A8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BAA8CB3F-7E98-4064-8ED5-3C116C15EF13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{E22D7631-A5A7-4483-9E20-7C91E447B94C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Life is Strange 2 (HKLM-x32\...\Life is Strange 2_is1) (Version: 0.0.0 - DODI-Repacks)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Modern Warfare Remastered v.1.15.1251288.0 (HKLM-x32\...\{6033673D-2930-7711-3AD2-EB059FC263F9}_is1) (Version: - RePack by Canek77)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.70 - MSI)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paint Shop Pro 7 ESD (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.0 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Sapphire TRIXX 8.6.0 (HKLM-x32\...\{49272457-BEDE-4A3A-808F-7BBD4840E85B}_is1) (Version: 8.6.0 - Sapphire)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Sims 4 Mod Manager version b1.0.9 (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\{0A555FCD-A8E3-47F6-B776-033D8017BFDC}_is1) (Version: b1.0.9 - GameTimeDev)
The Last of Us: Part I (HKLM-x32\...\The Last of Us: Part I_is1) (Version: - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.99.305.1020 - Electronic Arts Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.02_Hotfix - GOG.com)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Wondershare Filmora 11(Build 11.0.10.2) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YKB 3000 Gaming Keyboard Driver (HKLM-x32\...\YKB 3000 Gaming Keyboard Driver) (Version: V1.01n - YENKEE)

Chrome apps:
============
YouTube Music (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\7d0759e527abc1afd161532a334cc2fe) (Version: 1.0 - Google\Chrome)

Packages:
=========

AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-09] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-11-16] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-08-24] (NVIDIA Corp.)
Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2023-11-07] (Microsoft Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.235.0_x64__dt26b99r8h8gj [2023-06-10] (Realtek Semiconductor Corp)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-11058042-1712766284-1418202981-1001_Classes\CLSID\{e1a7f602-67b7-44f7-ad19-439e41f06cd8}\localserver32 -> "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod

==================== Loaded Modules (Whitelisted) =============

2023-07-15 22:55 - 2017-08-02 14:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-01-13 13:51 - 2020-01-13 13:51 - 000210432 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2019-10-22 02:16 - 2019-10-22 02:16 - 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-11-06 14:09 - 2019-11-06 14:09 - 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-06-28 10:51 - 2019-06-28 10:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2023-07-15 22:55 - 2018-11-14 23:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\MysticLight\IcMSIDll.dll
2021-04-16 18:07 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-07-15 22:55 - 2016-10-03 13:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-15 19:36 - 2021-04-17 17:10 - 000000965 ____R C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 disc-soft.com
0.0.0.0 secure.disc-soft.com
0.0.0.0 rp.totafofesos1.com
0.0.0.0 os.totafofesos1.com
0.0.0.0 os2.totafofesos1.com

2023-10-07 16:01 - 2024-08-27 17:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.32.1 DESKTOP-SRFASFD.mshome.net # 2029 8 0 26 15 20 48 831

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sysel\Pictures\wallpaper-mania.com_High_resolution_wallpaper_background_ID_77700001659.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 3: TP-Link Wireless USB Adapter -> rtwlanu.sys
vEthernet (Default Switch): Hyper-V Virtual Ethernet Adapter -> VmsProxyHNic.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_vfpext: Microsoft Azure VFP Switch Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "YKB 3000 Gaming Keyboard Driver"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{23A1CEE7-90FF-474F-842E-DABEB0919596}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{8C49988C-6732-43B6-822B-06AF8D51E2B0}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{C4C5FBC2-D058-4C3E-B956-5616A11F3565}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A28D871-FD36-4243-9651-597AA33A826C}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F7B0B944-B267-4D80-8CE6-B94DF75B746D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BF9B97D-51F3-43BF-977E-6E9CFFE0B487}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2EAD904-A962-4430-8F18-FFEEC88DD069}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{0641D0A8-0CCD-40C6-ABE6-CA0D78442D23}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{D8470CA1-A98B-4A96-8BED-EBCE1A1FEC20}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{34944E95-A2F5-4698-A2CE-338DE74E646D}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{0D65A1B8-ABAB-4849-B1E3-01B81A2AF123}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [{62B8D5AA-562D-4E48-B025-6A870265D4BC}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [TCP Query User{65D25CBF-68B0-4089-B9D4-102D36ED1BF0}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8FF88867-9BB2-463B-9477-96DF2A9A04AB}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{259943CC-11E9-4442-8ADD-68D4571D59C1}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1FE347FD-9A6B-4594-8E84-9DB13D4C8586}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A906A3CF-75AA-4A75-9E07-3C9DC04D6508}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{17DE4DCB-05AA-4CB7-ADB8-3983D337793C}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [{762B8DC1-B6F3-4217-B868-6BBFB2501B58}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{FC341532-D3FA-489F-A0CC-C86EF585F0A6}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{81649A25-BF09-482B-8B95-523CBEEA36E5}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{514B9B7E-2BB9-4C51-B54A-455950873C0F}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0D9DE676-6A1B-4E35-90D0-E4DAA82145DD}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{9C6444D4-E496-4B5F-8B78-D13A8260F911}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{918ECCD5-D437-4294-A772-3E9A4B45711D}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [UDP Query User{952FF2F7-81C9-4282-9FEC-43BC5A2230C0}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [TCP Query User{51433B84-45D7-4920-AC77-698466CA61D5}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [UDP Query User{82FACEA8-4F66-4103-A43F-4F5858B66F18}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [TCP Query User{F1E40901-3762-4E73-96A6-D3FC7469EFBF}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{DB197F8E-DDF9-4F47-BCC4-C68B07C2512E}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{3A96A03F-32AA-4731-8F74-F91A1C773527}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{B9452433-3059-4969-BC57-4D30D4EECCA7}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{0AF3056A-DA73-4ACE-9C57-338E151D1F98}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [UDP Query User{883B843B-DBA5-4F3F-BBA6-8EA130CACBEB}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [TCP Query User{989539A0-3332-4B4A-B55D-D6A299C5830C}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [UDP Query User{3F3A6F36-32B3-4135-B91F-4DD74717A76F}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [TCP Query User{689E6190-A0CF-4D0A-A189-761E02E1D4CE}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{559DB2A7-0A44-49A4-9716-FCCA6F92DEB6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{CD67C3CE-2279-42DA-A485-AD82AF6AE751}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [UDP Query User{0819A883-227F-48EE-BE51-9EF011A9E889}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [TCP Query User{C2DCA2D7-B954-4795-9A2F-31366967DF38}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{FB46B4F5-87BB-471E-B781-1605B311DF5D}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [TCP Query User{A13859C0-6191-41BD-89A4-C2F8DE145660}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8A7B3C22-E7CB-4026-AE53-2C89998CF570}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4C6B9F0D-DC89-4C0F-BFE4-9C51A61F5242}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [UDP Query User{1BC78239-4F6B-4ADB-ADF6-E7C6CAB44535}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [{FCACA640-1964-4BC7-9DEF-F7A677353DC1}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\RtWlan.exe => No File
FirewallRules: [{C694B2A3-AA51-49DC-9847-00A31CC018F9}] => (Allow) LPort=1542
FirewallRules: [{EFA625FA-4A5C-46C3-B8B4-A200C5470FBF}] => (Allow) LPort=1542
FirewallRules: [{37153D3B-B556-4E1C-A738-820CC63E772D}] => (Allow) LPort=53
FirewallRules: [{277E084D-CD12-4834-B149-2400EB5ED518}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\Rtldhcp.exe => No File
FirewallRules: [{5FBBE0D4-2358-4E70-9FAD-E6479F7740B7}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{8BA88D34-886F-49D3-8E22-023FC28856E6}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{CBF19A06-A456-4C54-A371-FA3CF28E4C53}] => (Allow) LPort=53
FirewallRules: [{672246B4-D9F9-4760-9DDD-0CB61AD192E3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{2D6C2062-B12F-497B-83F6-257021AED866}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{5F00D6D1-1DFD-4F52-A171-D5957A5C05F3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{DA9D1287-C545-4055-B3EC-8981BD7B25B5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{AE4F077E-A4D4-44D4-BF9D-74B38C7AA96F}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [UDP Query User{1C03A703-F818-41A7-AB27-44769CCEBB54}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [TCP Query User{98848272-7885-48DA-8C4C-E41CAD576A0B}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [UDP Query User{1038D012-C9C4-4FED-9767-E2F56D1F5280}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [TCP Query User{E8D25CAC-2335-4A73-B38F-ACC9029EEA0A}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{D01CB5F3-0F67-4E69-AD27-836164DD6A9B}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{BFEE9F3F-D7F3-4CF7-BF46-4822FE8D389E}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [UDP Query User{77B22D07-1D2D-45B5-880A-AEF47BF62D59}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [{E16095EB-9F07-420D-BE84-E30E2D59565B}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{DCEB4DE8-61CD-438D-94EA-7BFEE7290E0D}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{596C6835-35EB-498A-9BD4-45F801413581}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{44C32E63-BECC-4CA1-BE44-BC7188BA34EB}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{066C5284-EB4F-4A44-AADC-7C1511345C6E}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{B98A894F-DB48-424C-A587-4043F55923E5}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{7BA01785-BBEC-4FDD-B5CD-77582B42636E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CFAB22-6647-421B-A7A2-5AF6B3236466}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{833D1E7E-1DCD-4C48-BDB6-A0CA7B3C2A4D}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [UDP Query User{1DB62961-6DDB-4F11-9B6A-15F75FD2DD00}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{7A99D5B2-C6BB-4DA3-AF3F-1680002CE529}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [UDP Query User{C281C72C-1B34-4AC4-B9D8-DAFBFAA15B7D}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [{4EB754EA-5E5F-4955-A908-A1D2FC9C2D57}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BFE63AB1-9C3B-4360-B4D4-4C0E3877C37A}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{C8B29D35-38AC-4270-85C9-E1EEA01F6EFC}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{91DB6CC1-F002-4EE3-8916-A64CC0980A6D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [{206093AF-1F37-4FBA-85A3-FCEAE906ADC7}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{6D4EF899-4E64-45BD-BFE6-C0527007AD17}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{9F6332EC-599A-40D2-B37B-6CCAFB239F9C}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [UDP Query User{5B36DA82-1354-48E1-98D7-BAEBB4CED574}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [TCP Query User{6955FEE2-E660-456C-97A9-3636807C10CD}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [UDP Query User{3DF502B7-FD68-4A07-AD98-731AE0AE2FDB}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [TCP Query User{B8B7503B-D1BF-4419-BD3A-6E1899DD18D7}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [UDP Query User{2FF3FAE1-F2A3-44A5-A6CA-D49B8CE54C74}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [TCP Query User{E8338C5D-2998-41E5-9643-292AB4F04E71}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{330E584F-07A3-4DF9-A7B6-E4BBA72B088F}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{B4B26371-88C0-47EE-92F1-5C5FD0F280E0}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{EFACA561-0865-4A12-9B54-814418866A57}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [TCP Query User{6B851656-63BA-4B6D-A2AC-7A5BFF5E0738}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{7E0DF77D-2882-494E-9A47-B1B27740C942}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [{8E19345C-D5DB-4840-A593-C5A9D765D192}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{9A8723C1-7033-4168-A198-EA5D0011D7CD}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{89EE5730-0E57-410F-BC38-D395CD9B94A6}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{D3A3058D-B0EE-4E69-9419-E3415BFCC57A}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{12F484C1-7EB6-4F6B-835C-56B958F7B17F}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{3CD0BC0A-2604-43FB-BC03-F8C6CF8BA569}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{FFC3A4A0-9A3E-43D2-B780-4F8AA6764C2B}] => (Allow) D:\Programy\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{69AB1B59-2621-4A0C-9CF9-72AD16928985}] => (Allow) D:\Programy\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{F1990E33-2039-45BD-807B-9092AE13C339}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{C7BF748A-CCE4-413D-AA8F-809244C8CBCE}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [TCP Query User{29BF6B94-8ECC-44ED-977C-794A16299D5A}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [UDP Query User{D322BF38-E2CE-4A4D-BB41-B7572E056F09}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [TCP Query User{1AF29D4A-6340-428D-AE76-B5846F839654}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [UDP Query User{D4B4A09A-DEAD-4554-AEA7-8DDBBDCB8681}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [{9E8A40A0-10E9-41F0-92F6-FE2AD5C5DF89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E7323F3B-BF56-47EC-A91C-2487934CC1C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{12F28879-48CB-412A-B96F-C8C1A8F9076C}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E47410DA-76AA-4E7D-85E3-EFF470FA38D3}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{113875F6-83C9-4690-A0F7-ED6E88B666F7}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [UDP Query User{8DFE5DD2-F82F-4F80-9802-979E63EFBB3D}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [TCP Query User{30E7110B-32D5-40E9-89E7-5E0A20EDD0E0}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [UDP Query User{ACD773D6-4062-4F37-89BC-78AC3ADC2C40}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [TCP Query User{689421E6-56A0-4701-BD2E-322643720791}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [UDP Query User{313F8EE6-4EE1-4269-AA6D-8A3A4A80B7E6}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [TCP Query User{97ED2CD5-27A8-4096-A150-0492E9271CB4}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4CCF6581-14C2-4A98-A541-159D921F12F2}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [TCP Query User{316CBD2F-67BA-4B56-B721-2E05AE7D3660}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{250F37B0-B3EB-4D05-80F9-96A2A1DB09C2}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [TCP Query User{D979709A-D374-4383-B30A-648D667F76C3}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E1D70A88-B79B-48DF-8D79-8F10FE670566}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{5E892413-9062-44C3-AED3-6966A7DC1FF3}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [UDP Query User{762BF579-4401-4F45-A838-0E1050E95CD7}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [TCP Query User{98F8BCE9-EAD0-4432-90F0-018C8E331DE9}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [UDP Query User{3C978422-A79C-4581-8795-1987BE64335A}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [TCP Query User{4B2D3E17-50FD-4ECF-BE3D-FDC329D339AB}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{25406116-03F6-446A-89B8-6723D279E4F3}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{010AA98E-5B84-4027-A93A-6C6FC0E2360B}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [UDP Query User{FC07BEBF-6390-4017-AB86-0497896F9C6D}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [TCP Query User{CE3287AB-DC31-4C45-A488-2AFD160F7598}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{CD727281-7B37-4109-A98E-E3755656CC0D}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [{B58F636A-1489-456A-8592-AAD6A07A6C5B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DD4EA35-FF70-46CB-B016-D70DEF6D661F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B882604-C966-443A-B933-F849896B555A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8E63711-74F3-47DF-BC22-7367A48C3BA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90652C57-1F8B-4C87-86C0-B8F4BCD90EC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF71C379-E184-4835-83F0-85AEE64969F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2A34FFC1-F432-49C6-960F-F50448070C07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C3E0872-B569-4339-B8FB-4872AE5C6C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B6D8B8F-E03B-4E87-AC8C-C51226372913}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC245BE1-B8C2-49D5-A901-62DBB3ACFBFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{03E8255C-0D76-41A4-BFE0-7C4E67AA15FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0BA4CE96-6F34-4A93-9AE1-4527EA0D1902}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82396604-BDCD-4F82-9B85-44026DCE154B}] => (Allow) LPort=26820
FirewallRules: [{B8321681-09A5-4FDE-9794-50818E729F8A}] => (Allow) LPort=26822

==================== Restore Points =========================

25-08-2024 20:30:44 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/25/2024 04:03:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0xe30
Čas spuštění chybující aplikace: 0x01daf6f654f397f8
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: 6d6201fa-6a5b-46df-b9cb-99d765bde498
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 09:52:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0x15cc
Čas spuštění chybující aplikace: 0x01daf65e606fd554
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: c7a12db1-6ee6-446a-927a-e4dd6df3d9d7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 08:32:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (08/24/2024 05:17:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 04:35:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 03:16:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/17/2024 09:02:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/12/2024 03:57:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (08/27/2024 05:21:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/27/2024 05:21:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (08/27/2024 05:18:51 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (08/27/2024 05:18:30 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-SRFASFD)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/27/2024 05:18:21 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-SRFASFD)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/27/2024 05:18:17 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-SRFASFD)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (08/27/2024 05:18:17 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-SRFASFD)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal

Error: (08/27/2024 05:17:53 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-SRFASFD)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby netman s argumenty Není k dispozici za účelem spuštění serveru:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}


Windows Defender:
================
Date: 2024-08-27 16:54:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {190F1FC4-F5D4-4700-AE00-B95A2E4A5BA8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-27 16:41:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B507C04E-C47A-4317-B5DF-FDE41A871E65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel

Date: 2024-08-27 16:34:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BE8C5EAB-3559-4568-8FFA-CBEB1ACCF735}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel

Date: 2024-08-17 21:02:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91C25840-B621-4EED-90D4-DCA291AB2B64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-12 18:54:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.H!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Sysel\AppData\Local\Temp\U1H4G8V9RJN2CWFVRODJYPMS75099.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-SRFASFD\Sysel
Název procesu: C:\Windows\SysWOW64\SearchIndexer.exe
Verze bezpečnostních informací: AV: 1.417.71.0, AS: 1.417.71.0, NIS: 1.417.71.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3
Event[0]:

Date: 2024-08-27 17:04:43
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.198.0;1.409.198.0
Verze modulu: 1.1.24030.4

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.248.0;1.409.248.0
Verze modulu: 1.1.24030.4

Date: 2023-10-07 15:55:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.194.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-04-20 20:24:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1554.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-04-16 17:57:34
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F12 08/13/2019
Motherboard: Gigabyte Technology Co., Ltd. H310M S2 2.0
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 28%
Total physical RAM: 16328.12 MB
Available physical RAM: 11748.98 MB
Total Virtual: 18760.12 MB
Available Virtual: 13386.98 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:118.7 GB) (Free:15.86 GB) (Model: Apacer AS350 128GB) NTFS
Drive d: (Instalace) (Fixed) (Total:931.5 GB) (Free:314.07 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:287.62 GB) (Model: WDC WD5000AAKX-60U6AA0) NTFS
Drive f: (Gaming) (Fixed) (Total:953.87 GB) (Free:713.13 GB) (Model: Verbatim Vi550 S3) NTFS

\\?\Volume{6cbf6b1f-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-40b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 119341
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PUAbundler:win32/candyopen detected

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

syslos
Visitor
Posts: 15
Registered: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#3 Post by syslos »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-27-2024
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.4780)
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1462 octets] - [09/11/2020 17:47:39]
AdwCleaner[S01].txt - [1523 octets] - [25/04/2021 18:17:24]
AdwCleaner[S02].txt - [1584 octets] - [23/10/2022 22:27:54]
AdwCleaner[C02].txt - [1736 octets] - [23/10/2022 22:28:19]
AdwCleaner[S03].txt - [1706 octets] - [24/10/2022 19:46:10]
AdwCleaner[S04].txt - [1767 octets] - [18/02/2023 15:06:33]
AdwCleaner[S05].txt - [1828 octets] - [16/11/2023 15:08:08]
AdwCleaner[S06].txt - [1889 octets] - [20/04/2024 13:34:59]
AdwCleaner[S07].txt - [1950 octets] - [27/08/2024 16:15:03]
AdwCleaner[S08].txt - [2026 octets] - [27/08/2024 16:16:04]
AdwCleaner[S09].txt - [2087 octets] - [27/08/2024 16:29:36]
AdwCleaner[S10].txt - [2148 octets] - [27/08/2024 17:47:27]
AdwCleaner[S11].txt - [2152 octets] - [27/08/2024 17:56:58]
AdwCleaner[S12].txt - [2213 octets] - [27/08/2024 17:59:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C12].txt ##########

syslos
Visitor
Posts: 15
Registered: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#4 Post by syslos »

Just to be safe, new logs from FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by Sysel (administrator) on DESKTOP-SRFASFD (Gigabyte Technology Co., Ltd. H310M S2 2.0) (27-08-2024 18:38:20)
Running from C:\Users\Sysel\Desktop\FRST64.exe
Loaded Profiles: Sysel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [YKB 3000 Gaming Keyboard Driver] => C:\Program Files\YKB 3000\YKB 3000 Gaming Keyboard Driver.exe [2039808 2020-11-25] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Sysel\Desktop\Fliqlo.scr
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.122\Installer\chrmstp.exe [2024-08-27] (Google LLC -> Google LLC)
Startup: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Boom3D.lnk [2022-08-23]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (No File)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8CE631C0-84D4-4268-94B7-0997DC47E758} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {4ECED520-F214-4D6E-911C-47749677A34A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
Task: {CD1F8192-8DF5-4F63-B71F-8939EF547F15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A424973E-5D71-4805-8521-F872D090DCFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8D427426-7982-4E20-B448-4EEAF03B5E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4218EF13-36DB-4363-B6C7-CD440DE6842D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC1F552-1A1F-4890-8CA8-F64E1BB4B71F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1071760 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5E91275C-A9EF-4879-9BAA-122C513DB5F7} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {9146ADBE-171F-465B-9FB3-D23B03636733} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AF93ECCC-979A-44EB-AAA9-26CA56E57A66} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A161DD9-6B8B-4F85-B021-61B2158FA249} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {92B46CD6-86BB-4371-85B3-38DA420599B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4820E98F-546D-4524-ACF1-DD6817B31658} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A2B380C-7067-4C03-BF15-48E975114B31} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD94C078-18F4-4B42-A633-6608163CFD58} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6FDDF5C-2B2F-4B65-9098-2C5E214D013D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFEAD62-653A-43F3-96B5-8FB17B844F5A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{2ef07428-8c3a-4cc7-a4ec-a24488856898}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpDomain] docsis.vodafone.cz
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D25374D2838333: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343D25374: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default [2024-08-27]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-27]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-24]
CHR Extension: (Violentmonkey) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-07-09]
CHR Extension: (Morpheon Dark) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-12-10]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\System Profile [2023-12-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Launcher\RockstarService.exe [2332976 2021-10-24] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522096 2024-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-10-09] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2023-11-13] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKslf031bbed; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C39B907-B33A-4909-9617-0687C1C52CCD}\MpKslDrv.sys [271640 2024-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; D:\Programy\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
S3 TRIXX; \??\C:\Users\Sysel\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-27 18:38 - 2024-08-27 18:38 - 000017729 _____ C:\Users\Sysel\Desktop\FRST.txt
2024-08-27 17:58 - 2024-08-27 17:58 - 008790880 _____ (Malwarebytes) C:\Users\Sysel\Desktop\AdwCleaner.exe
2024-08-27 17:51 - 2024-08-27 17:59 - 000000000 ____D C:\Users\Sysel\AppData\Local\Malwarebytes
2024-08-27 17:43 - 2024-08-27 17:18 - 088604672 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-08-27 17:42 - 2024-08-27 17:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-08-27 17:23 - 2024-08-27 18:38 - 000000000 ____D C:\FRST
2024-08-27 17:23 - 2024-08-27 17:23 - 002397184 _____ (Farbar) C:\Users\Sysel\Desktop\FRST64.exe
2024-08-27 16:27 - 2024-08-27 16:27 - 000000889 _____ C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner(3).lnk
2024-08-24 20:32 - 2024-08-24 20:32 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-06-11 22:19 - 002900520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-08-24 20:32 - 2024-06-11 22:19 - 002231336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-08-24 20:32 - 2024-06-11 22:18 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-08-24 20:25 - 2024-08-24 20:25 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-08-24 20:22 - 2024-08-14 12:00 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-08-24 20:21 - 2024-08-15 03:31 - 025312928 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000477824 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000374936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 001078944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000669824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000505904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 002178712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001629312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001202712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001034400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 000856600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-08-24 20:21 - 2024-08-15 03:27 - 000796808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 014270088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 000461976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-08-24 20:21 - 2024-08-15 03:25 - 016200344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 006914184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005910152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005349000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 003788416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 000853128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-08-24 20:21 - 2024-08-15 03:24 - 007133024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-08-24 20:21 - 2024-08-15 03:24 - 006212736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-08-24 20:21 - 2024-08-14 12:00 - 000127247 _____ C:\WINDOWS\system32\nvinfo.pb
2024-08-24 20:16 - 2024-08-24 20:20 - 701110360 _____ (NVIDIA Corporation) C:\Users\Sysel\Desktop\560.94-desktop-win10-win11-64bit-international-dch-whql.exe
2024-08-24 19:37 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-08-24 19:37 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\Documents\Ghost of Tsushima DIRECTOR'S CUT
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Sucker Punch Productions
2024-08-24 18:59 - 2024-08-24 18:59 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\kebug
2024-08-24 14:57 - 2024-08-24 14:57 - 000106496 _____ (PCGameBenchmark) C:\Users\Sysel\Desktop\PCGameBenchmark_Detector.exe
2024-08-19 21:38 - 2024-08-19 21:38 - 000000000 ___HD C:\$WinREAgent
2024-08-12 18:53 - 2024-08-12 18:53 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Wise
2024-07-29 09:20 - 2024-07-29 09:20 - 000000405 _____ C:\Users\Public\Desktop\Grim Dawn.lnk
2024-07-28 14:54 - 2024-07-28 15:00 - 000000000 ____D C:\Users\Sysel\AppData\LocalLow\Stunlock Studios

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-27 18:24 - 2021-04-15 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-27 18:11 - 2022-02-27 19:48 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\qBittorrent
2024-08-27 18:01 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-27 17:59 - 2021-04-15 19:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-08-27 17:59 - 2021-04-15 19:35 - 000000000 ____D C:\WINDOWS\INF
2024-08-27 17:25 - 2021-04-15 19:37 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2024-08-27 17:25 - 2021-04-15 19:37 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2024-08-27 17:25 - 2021-04-15 18:53 - 001693568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-27 17:20 - 2023-10-07 16:01 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-08-27 17:18 - 2023-07-15 20:50 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-08-27 17:18 - 2021-04-15 19:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-08-27 17:18 - 2021-04-15 18:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-27 17:18 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-27 17:04 - 2021-04-15 20:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-08-27 16:55 - 2021-04-15 18:52 - 000000000 ____D C:\Users\Sysel\AppData\Local\D3DSCache
2024-08-27 16:35 - 2021-12-18 18:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-27 16:09 - 2020-11-18 18:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-25 16:03 - 2022-06-13 18:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\CrashDumps
2024-08-25 14:26 - 2021-09-01 13:04 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA Corporation
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-08-24 20:32 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-15 19:23 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-24 20:25 - 2023-07-15 21:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-08-24 18:57 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-24 14:57 - 2020-09-27 09:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-22 21:20 - 2021-04-15 18:42 - 000404104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-22 21:19 - 2023-10-07 15:55 - 000000000 ____D C:\Program Files\Hyper-V
2024-08-22 21:19 - 2023-07-15 21:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-08-19 21:49 - 2021-04-15 19:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-19 21:45 - 2021-04-15 18:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-17 21:05 - 2021-04-17 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-17 21:03 - 2021-04-17 15:31 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-10 22:27 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-07-29 09:34 - 2020-11-29 18:52 - 000000000 ____D C:\Users\Sysel\Documents\My Games
2024-07-28 14:56 - 2022-06-04 15:41 - 000000000 ____D C:\ProgramData\Battle.net
2024-07-28 14:15 - 2021-04-15 18:43 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-07-28 14:15 - 2021-04-15 18:43 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2022-07-25 21:38 - 2022-07-27 12:02 - 000000813 _____ () C:\Users\Sysel\AppData\Roaming\DESKTOP-SRFASFD.MTBF.txt
2021-05-01 19:41 - 2021-05-01 19:46 - 000012288 _____ () C:\Users\Sysel\AppData\Roaming\emp.bin
2023-11-10 11:28 - 2023-11-10 11:35 - 000000016 _____ () C:\Users\Sysel\AppData\Roaming\msregsvv.dll
2022-07-25 21:56 - 2022-07-25 21:56 - 000003584 _____ () C:\Users\Sysel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-07-15 22:27 - 2023-07-15 22:27 - 000000291 _____ () C:\Users\Sysel\AppData\Local\ledConfiguration.config
2023-07-15 22:27 - 2023-07-15 22:42 - 000000747 _____ () C:\Users\Sysel\AppData\Local\NvidiaLEDVisualizer.config

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by Sysel (27-08-2024 18:39:25)
Running from C:\Users\Sysel\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) (2021-04-15 16:52:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-11058042-1712766284-1418202981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-11058042-1712766284-1418202981-503 - Limited - Disabled)
Guest (S-1-5-21-11058042-1712766284-1418202981-501 - Limited - Disabled)
Sysel (S-1-5-21-11058042-1712766284-1418202981-1001 - Administrator - Enabled) => C:\Users\Sysel
WDAGUtilityAccount (S-1-5-21-11058042-1712766284-1418202981-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1085 - AB Team, d.o.o.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CustomsForge Song Manager - Latest Build 1.6.0.1 (HKLM-x32\...\58F35625-541C-493A-A289-4B2D362DAFE0_is1) (Version: 1.6.0.1 - CustomsForge)
Days Gone (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\FLT_Days Gone) (Version: - )
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Geeks3D FurMark 1.25.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.25.1.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.122 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Grim Dawn (HKLM-x32\...\Grim Dawn_is1) (Version: - )
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.0.3 - Native Instruments & Team V.R)
Heavy Rain (HKLM-x32\...\Heavy Rain_is1) (Version: - )
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: 0.0.0 - DODI-Repacks)
INDIKA - CZ (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\INDIKA - CZ) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{456B5CCF-722F-4AC9-9490-3C9FCADEEEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{AD1C4C82-ED20-4DD6-A5BA-DA8748D1AF98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B8179F2A-010B-4F9C-AFA1-FB38E4D387A8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BAA8CB3F-7E98-4064-8ED5-3C116C15EF13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{E22D7631-A5A7-4483-9E20-7C91E447B94C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Life is Strange 2 (HKLM-x32\...\Life is Strange 2_is1) (Version: 0.0.0 - DODI-Repacks)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Modern Warfare Remastered v.1.15.1251288.0 (HKLM-x32\...\{6033673D-2930-7711-3AD2-EB059FC263F9}_is1) (Version: - RePack by Canek77)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.70 - MSI)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paint Shop Pro 7 ESD (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.0 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Sapphire TRIXX 8.6.0 (HKLM-x32\...\{49272457-BEDE-4A3A-808F-7BBD4840E85B}_is1) (Version: 8.6.0 - Sapphire)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Sims 4 Mod Manager version b1.0.9 (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\{0A555FCD-A8E3-47F6-B776-033D8017BFDC}_is1) (Version: b1.0.9 - GameTimeDev)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.99.305.1020 - Electronic Arts Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.02_Hotfix - GOG.com)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Wondershare Filmora 11(Build 11.0.10.2) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YKB 3000 Gaming Keyboard Driver (HKLM-x32\...\YKB 3000 Gaming Keyboard Driver) (Version: V1.01n - YENKEE)

Chrome apps:
============
YouTube Music (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\7d0759e527abc1afd161532a334cc2fe) (Version: 1.0 - Google\Chrome)

Packages:
=========

AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-09] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-11-16] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-08-24] (NVIDIA Corp.)
Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2023-11-07] (Microsoft Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.235.0_x64__dt26b99r8h8gj [2023-06-10] (Realtek Semiconductor Corp)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-11058042-1712766284-1418202981-1001_Classes\CLSID\{e1a7f602-67b7-44f7-ad19-439e41f06cd8}\localserver32 -> "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod

==================== Loaded Modules (Whitelisted) =============

2021-04-16 18:07 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-15 19:36 - 2021-04-17 17:10 - 000000965 ____R C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 disc-soft.com
0.0.0.0 secure.disc-soft.com
0.0.0.0 rp.totafofesos1.com
0.0.0.0 os.totafofesos1.com
0.0.0.0 os2.totafofesos1.com

2023-10-07 16:01 - 2024-08-27 17:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.32.1 DESKTOP-SRFASFD.mshome.net # 2029 8 0 26 15 20 48 831

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sysel\Pictures\wallpaper-mania.com_High_resolution_wallpaper_background_ID_77700001659.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 3: TP-Link Wireless USB Adapter -> rtwlanu.sys
vEthernet (Default Switch): Hyper-V Virtual Ethernet Adapter -> VmsProxyHNic.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_vfpext: Microsoft Azure VFP Switch Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "YKB 3000 Gaming Keyboard Driver"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{23A1CEE7-90FF-474F-842E-DABEB0919596}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{8C49988C-6732-43B6-822B-06AF8D51E2B0}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{C4C5FBC2-D058-4C3E-B956-5616A11F3565}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A28D871-FD36-4243-9651-597AA33A826C}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F7B0B944-B267-4D80-8CE6-B94DF75B746D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BF9B97D-51F3-43BF-977E-6E9CFFE0B487}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C2EAD904-A962-4430-8F18-FFEEC88DD069}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{0641D0A8-0CCD-40C6-ABE6-CA0D78442D23}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{D8470CA1-A98B-4A96-8BED-EBCE1A1FEC20}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{34944E95-A2F5-4698-A2CE-338DE74E646D}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{0D65A1B8-ABAB-4849-B1E3-01B81A2AF123}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [{62B8D5AA-562D-4E48-B025-6A870265D4BC}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [TCP Query User{65D25CBF-68B0-4089-B9D4-102D36ED1BF0}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8FF88867-9BB2-463B-9477-96DF2A9A04AB}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{259943CC-11E9-4442-8ADD-68D4571D59C1}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1FE347FD-9A6B-4594-8E84-9DB13D4C8586}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A906A3CF-75AA-4A75-9E07-3C9DC04D6508}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{17DE4DCB-05AA-4CB7-ADB8-3983D337793C}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [{762B8DC1-B6F3-4217-B868-6BBFB2501B58}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{FC341532-D3FA-489F-A0CC-C86EF585F0A6}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{81649A25-BF09-482B-8B95-523CBEEA36E5}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{514B9B7E-2BB9-4C51-B54A-455950873C0F}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0D9DE676-6A1B-4E35-90D0-E4DAA82145DD}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{9C6444D4-E496-4B5F-8B78-D13A8260F911}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{918ECCD5-D437-4294-A772-3E9A4B45711D}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [UDP Query User{952FF2F7-81C9-4282-9FEC-43BC5A2230C0}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [TCP Query User{51433B84-45D7-4920-AC77-698466CA61D5}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [UDP Query User{82FACEA8-4F66-4103-A43F-4F5858B66F18}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [TCP Query User{F1E40901-3762-4E73-96A6-D3FC7469EFBF}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{DB197F8E-DDF9-4F47-BCC4-C68B07C2512E}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{3A96A03F-32AA-4731-8F74-F91A1C773527}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{B9452433-3059-4969-BC57-4D30D4EECCA7}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{0AF3056A-DA73-4ACE-9C57-338E151D1F98}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [UDP Query User{883B843B-DBA5-4F3F-BBA6-8EA130CACBEB}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [TCP Query User{989539A0-3332-4B4A-B55D-D6A299C5830C}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [UDP Query User{3F3A6F36-32B3-4135-B91F-4DD74717A76F}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [TCP Query User{689E6190-A0CF-4D0A-A189-761E02E1D4CE}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{559DB2A7-0A44-49A4-9716-FCCA6F92DEB6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{CD67C3CE-2279-42DA-A485-AD82AF6AE751}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [UDP Query User{0819A883-227F-48EE-BE51-9EF011A9E889}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [TCP Query User{C2DCA2D7-B954-4795-9A2F-31366967DF38}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{FB46B4F5-87BB-471E-B781-1605B311DF5D}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [TCP Query User{A13859C0-6191-41BD-89A4-C2F8DE145660}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8A7B3C22-E7CB-4026-AE53-2C89998CF570}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4C6B9F0D-DC89-4C0F-BFE4-9C51A61F5242}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [UDP Query User{1BC78239-4F6B-4ADB-ADF6-E7C6CAB44535}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [{FCACA640-1964-4BC7-9DEF-F7A677353DC1}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\RtWlan.exe => No File
FirewallRules: [{C694B2A3-AA51-49DC-9847-00A31CC018F9}] => (Allow) LPort=1542
FirewallRules: [{EFA625FA-4A5C-46C3-B8B4-A200C5470FBF}] => (Allow) LPort=1542
FirewallRules: [{37153D3B-B556-4E1C-A738-820CC63E772D}] => (Allow) LPort=53
FirewallRules: [{277E084D-CD12-4834-B149-2400EB5ED518}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\Rtldhcp.exe => No File
FirewallRules: [{5FBBE0D4-2358-4E70-9FAD-E6479F7740B7}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{8BA88D34-886F-49D3-8E22-023FC28856E6}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{CBF19A06-A456-4C54-A371-FA3CF28E4C53}] => (Allow) LPort=53
FirewallRules: [{672246B4-D9F9-4760-9DDD-0CB61AD192E3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{2D6C2062-B12F-497B-83F6-257021AED866}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{5F00D6D1-1DFD-4F52-A171-D5957A5C05F3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{DA9D1287-C545-4055-B3EC-8981BD7B25B5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{AE4F077E-A4D4-44D4-BF9D-74B38C7AA96F}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [UDP Query User{1C03A703-F818-41A7-AB27-44769CCEBB54}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [TCP Query User{98848272-7885-48DA-8C4C-E41CAD576A0B}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [UDP Query User{1038D012-C9C4-4FED-9767-E2F56D1F5280}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [TCP Query User{E8D25CAC-2335-4A73-B38F-ACC9029EEA0A}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{D01CB5F3-0F67-4E69-AD27-836164DD6A9B}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{BFEE9F3F-D7F3-4CF7-BF46-4822FE8D389E}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [UDP Query User{77B22D07-1D2D-45B5-880A-AEF47BF62D59}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [{E16095EB-9F07-420D-BE84-E30E2D59565B}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{DCEB4DE8-61CD-438D-94EA-7BFEE7290E0D}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{596C6835-35EB-498A-9BD4-45F801413581}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{44C32E63-BECC-4CA1-BE44-BC7188BA34EB}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{066C5284-EB4F-4A44-AADC-7C1511345C6E}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{B98A894F-DB48-424C-A587-4043F55923E5}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{7BA01785-BBEC-4FDD-B5CD-77582B42636E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CFAB22-6647-421B-A7A2-5AF6B3236466}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{833D1E7E-1DCD-4C48-BDB6-A0CA7B3C2A4D}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [UDP Query User{1DB62961-6DDB-4F11-9B6A-15F75FD2DD00}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{7A99D5B2-C6BB-4DA3-AF3F-1680002CE529}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [UDP Query User{C281C72C-1B34-4AC4-B9D8-DAFBFAA15B7D}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [{4EB754EA-5E5F-4955-A908-A1D2FC9C2D57}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BFE63AB1-9C3B-4360-B4D4-4C0E3877C37A}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{C8B29D35-38AC-4270-85C9-E1EEA01F6EFC}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{91DB6CC1-F002-4EE3-8916-A64CC0980A6D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [{206093AF-1F37-4FBA-85A3-FCEAE906ADC7}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{6D4EF899-4E64-45BD-BFE6-C0527007AD17}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{9F6332EC-599A-40D2-B37B-6CCAFB239F9C}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [UDP Query User{5B36DA82-1354-48E1-98D7-BAEBB4CED574}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [TCP Query User{6955FEE2-E660-456C-97A9-3636807C10CD}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [UDP Query User{3DF502B7-FD68-4A07-AD98-731AE0AE2FDB}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [TCP Query User{B8B7503B-D1BF-4419-BD3A-6E1899DD18D7}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [UDP Query User{2FF3FAE1-F2A3-44A5-A6CA-D49B8CE54C74}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [TCP Query User{E8338C5D-2998-41E5-9643-292AB4F04E71}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{330E584F-07A3-4DF9-A7B6-E4BBA72B088F}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{B4B26371-88C0-47EE-92F1-5C5FD0F280E0}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{EFACA561-0865-4A12-9B54-814418866A57}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [TCP Query User{6B851656-63BA-4B6D-A2AC-7A5BFF5E0738}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{7E0DF77D-2882-494E-9A47-B1B27740C942}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [{8E19345C-D5DB-4840-A593-C5A9D765D192}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{9A8723C1-7033-4168-A198-EA5D0011D7CD}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{89EE5730-0E57-410F-BC38-D395CD9B94A6}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{D3A3058D-B0EE-4E69-9419-E3415BFCC57A}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{12F484C1-7EB6-4F6B-835C-56B958F7B17F}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{3CD0BC0A-2604-43FB-BC03-F8C6CF8BA569}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{FFC3A4A0-9A3E-43D2-B780-4F8AA6764C2B}] => (Allow) D:\Programy\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{69AB1B59-2621-4A0C-9CF9-72AD16928985}] => (Allow) D:\Programy\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{F1990E33-2039-45BD-807B-9092AE13C339}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{C7BF748A-CCE4-413D-AA8F-809244C8CBCE}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [TCP Query User{29BF6B94-8ECC-44ED-977C-794A16299D5A}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [UDP Query User{D322BF38-E2CE-4A4D-BB41-B7572E056F09}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [TCP Query User{1AF29D4A-6340-428D-AE76-B5846F839654}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [UDP Query User{D4B4A09A-DEAD-4554-AEA7-8DDBBDCB8681}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [{9E8A40A0-10E9-41F0-92F6-FE2AD5C5DF89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E7323F3B-BF56-47EC-A91C-2487934CC1C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{12F28879-48CB-412A-B96F-C8C1A8F9076C}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E47410DA-76AA-4E7D-85E3-EFF470FA38D3}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{113875F6-83C9-4690-A0F7-ED6E88B666F7}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [UDP Query User{8DFE5DD2-F82F-4F80-9802-979E63EFBB3D}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [TCP Query User{30E7110B-32D5-40E9-89E7-5E0A20EDD0E0}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [UDP Query User{ACD773D6-4062-4F37-89BC-78AC3ADC2C40}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [TCP Query User{689421E6-56A0-4701-BD2E-322643720791}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [UDP Query User{313F8EE6-4EE1-4269-AA6D-8A3A4A80B7E6}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [TCP Query User{97ED2CD5-27A8-4096-A150-0492E9271CB4}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4CCF6581-14C2-4A98-A541-159D921F12F2}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [TCP Query User{316CBD2F-67BA-4B56-B721-2E05AE7D3660}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{250F37B0-B3EB-4D05-80F9-96A2A1DB09C2}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [TCP Query User{D979709A-D374-4383-B30A-648D667F76C3}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E1D70A88-B79B-48DF-8D79-8F10FE670566}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [TCP Query User{5E892413-9062-44C3-AED3-6966A7DC1FF3}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [UDP Query User{762BF579-4401-4F45-A838-0E1050E95CD7}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [TCP Query User{98F8BCE9-EAD0-4432-90F0-018C8E331DE9}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [UDP Query User{3C978422-A79C-4581-8795-1987BE64335A}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [TCP Query User{4B2D3E17-50FD-4ECF-BE3D-FDC329D339AB}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{25406116-03F6-446A-89B8-6723D279E4F3}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{010AA98E-5B84-4027-A93A-6C6FC0E2360B}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [UDP Query User{FC07BEBF-6390-4017-AB86-0497896F9C6D}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [TCP Query User{CE3287AB-DC31-4C45-A488-2AFD160F7598}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{CD727281-7B37-4109-A98E-E3755656CC0D}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [{B58F636A-1489-456A-8592-AAD6A07A6C5B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DD4EA35-FF70-46CB-B016-D70DEF6D661F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B882604-C966-443A-B933-F849896B555A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8E63711-74F3-47DF-BC22-7367A48C3BA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90652C57-1F8B-4C87-86C0-B8F4BCD90EC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF71C379-E184-4835-83F0-85AEE64969F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2A34FFC1-F432-49C6-960F-F50448070C07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C3E0872-B569-4339-B8FB-4872AE5C6C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B6D8B8F-E03B-4E87-AC8C-C51226372913}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC245BE1-B8C2-49D5-A901-62DBB3ACFBFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{03E8255C-0D76-41A4-BFE0-7C4E67AA15FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0BA4CE96-6F34-4A93-9AE1-4527EA0D1902}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82396604-BDCD-4F82-9B85-44026DCE154B}] => (Allow) LPort=26820
FirewallRules: [{B8321681-09A5-4FDE-9794-50818E729F8A}] => (Allow) LPort=26822

==================== Restore Points =========================

25-08-2024 20:30:44 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/27/2024 05:58:43 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (08/25/2024 04:03:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0xe30
Čas spuštění chybující aplikace: 0x01daf6f654f397f8
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: 6d6201fa-6a5b-46df-b9cb-99d765bde498
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 09:52:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0x15cc
Čas spuštění chybující aplikace: 0x01daf65e606fd554
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: c7a12db1-6ee6-446a-927a-e4dd6df3d9d7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 08:32:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (08/24/2024 05:17:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 04:35:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 03:16:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/17/2024 09:02:58 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (08/27/2024 06:01:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/27/2024 06:01:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MysticLight2_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2024 06:01:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (08/27/2024 06:01:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/27/2024 06:01:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2024 06:01:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD Crash Defender Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/27/2024 05:21:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/27/2024 05:21:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2024-08-27 18:20:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET\MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET\MalwareBytes_Anti-Malware_Keygen_v1.7_URET.rar->MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-SRFASFD\Sysel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.417.346.0, AS: 1.417.346.0, NIS: 1.417.346.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3

Date: 2024-08-27 16:54:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {190F1FC4-F5D4-4700-AE00-B95A2E4A5BA8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-27 16:41:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B507C04E-C47A-4317-B5DF-FDE41A871E65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel

Date: 2024-08-27 16:34:39
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BE8C5EAB-3559-4568-8FFA-CBEB1ACCF735}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel

Date: 2024-08-17 21:02:55
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91C25840-B621-4EED-90D4-DCA291AB2B64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2024-08-27 17:04:43
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.198.0;1.409.198.0
Verze modulu: 1.1.24030.4

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.248.0;1.409.248.0
Verze modulu: 1.1.24030.4

Date: 2023-10-07 15:55:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.194.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-04-20 20:24:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1554.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-08-27 17:58:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F12 08/13/2019
Motherboard: Gigabyte Technology Co., Ltd. H310M S2 2.0
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 16328.12 MB
Available physical RAM: 11517.7 MB
Total Virtual: 18760.12 MB
Available Virtual: 13239.29 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:118.7 GB) (Free:15.17 GB) (Model: Apacer AS350 128GB) NTFS
Drive d: (Instalace) (Fixed) (Total:931.5 GB) (Free:346.28 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:287.62 GB) (Model: WDC WD5000AAKX-60U6AA0) NTFS
Drive f: (Gaming) (Fixed) (Total:953.87 GB) (Free:778.57 GB) (Model: Verbatim Vi550 S3) NTFS

\\?\Volume{6cbf6b1f-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-40b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: F3E68782)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: 87C86423)
Partition 1: (Not Active) - (Size=953.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 6CBF6B1F)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=498 MB) - (Type=27)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 119341
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PUAbundler:win32/candyopen detected

#5 Post by Rudy »

ADW is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GalaxyClient] => [X]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (No File)
Task: {4ECED520-F214-4D6E-911C-47749677A34A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
C:\Users\Sysel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
FirewallRules: [TCP Query User{23A1CEE7-90FF-474F-842E-DABEB0919596}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{8C49988C-6732-43B6-822B-06AF8D51E2B0}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{C2EAD904-A962-4430-8F18-FFEEC88DD069}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{0641D0A8-0CCD-40C6-ABE6-CA0D78442D23}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{D8470CA1-A98B-4A96-8BED-EBCE1A1FEC20}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{34944E95-A2F5-4698-A2CE-338DE74E646D}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{0D65A1B8-ABAB-4849-B1E3-01B81A2AF123}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [{62B8D5AA-562D-4E48-B025-6A870265D4BC}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [TCP Query User{65D25CBF-68B0-4089-B9D4-102D36ED1BF0}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8FF88867-9BB2-463B-9477-96DF2A9A04AB}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{259943CC-11E9-4442-8ADD-68D4571D59C1}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1FE347FD-9A6B-4594-8E84-9DB13D4C8586}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A906A3CF-75AA-4A75-9E07-3C9DC04D6508}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{17DE4DCB-05AA-4CB7-ADB8-3983D337793C}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{81649A25-BF09-482B-8B95-523CBEEA36E5}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{514B9B7E-2BB9-4C51-B54A-455950873C0F}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0D9DE676-6A1B-4E35-90D0-E4DAA82145DD}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{9C6444D4-E496-4B5F-8B78-D13A8260F911}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{918ECCD5-D437-4294-A772-3E9A4B45711D}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [UDP Query User{952FF2F7-81C9-4282-9FEC-43BC5A2230C0}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [TCP Query User{51433B84-45D7-4920-AC77-698466CA61D5}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [UDP Query User{82FACEA8-4F66-4103-A43F-4F5858B66F18}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [TCP Query User{F1E40901-3762-4E73-96A6-D3FC7469EFBF}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{DB197F8E-DDF9-4F47-BCC4-C68B07C2512E}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{3A96A03F-32AA-4731-8F74-F91A1C773527}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{B9452433-3059-4969-BC57-4D30D4EECCA7}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{0AF3056A-DA73-4ACE-9C57-338E151D1F98}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [UDP Query User{883B843B-DBA5-4F3F-BBA6-8EA130CACBEB}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [TCP Query User{989539A0-3332-4B4A-B55D-D6A299C5830C}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [UDP Query User{3F3A6F36-32B3-4135-B91F-4DD74717A76F}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [TCP Query User{CD67C3CE-2279-42DA-A485-AD82AF6AE751}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [UDP Query User{0819A883-227F-48EE-BE51-9EF011A9E889}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [TCP Query User{C2DCA2D7-B954-4795-9A2F-31366967DF38}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{FB46B4F5-87BB-471E-B781-1605B311DF5D}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [TCP Query User{A13859C0-6191-41BD-89A4-C2F8DE145660}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8A7B3C22-E7CB-4026-AE53-2C89998CF570}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4C6B9F0D-DC89-4C0F-BFE4-9C51A61F5242}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [UDP Query User{1BC78239-4F6B-4ADB-ADF6-E7C6CAB44535}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [{FCACA640-1964-4BC7-9DEF-F7A677353DC1}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\RtWlan.exe => No File
FirewallRules: [{277E084D-CD12-4834-B149-2400EB5ED518}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\Rtldhcp.exe => No File
FirewallRules: [{5FBBE0D4-2358-4E70-9FAD-E6479F7740B7}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{8BA88D34-886F-49D3-8E22-023FC28856E6}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{672246B4-D9F9-4760-9DDD-0CB61AD192E3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{2D6C2062-B12F-497B-83F6-257021AED866}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{5F00D6D1-1DFD-4F52-A171-D5957A5C05F3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{DA9D1287-C545-4055-B3EC-8981BD7B25B5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{AE4F077E-A4D4-44D4-BF9D-74B38C7AA96F}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [UDP Query User{1C03A703-F818-41A7-AB27-44769CCEBB54}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [TCP Query User{98848272-7885-48DA-8C4C-E41CAD576A0B}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [UDP Query User{1038D012-C9C4-4FED-9767-E2F56D1F5280}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [TCP Query User{E8D25CAC-2335-4A73-B38F-ACC9029EEA0A}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{D01CB5F3-0F67-4E69-AD27-836164DD6A9B}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{BFEE9F3F-D7F3-4CF7-BF46-4822FE8D389E}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [UDP Query User{77B22D07-1D2D-45B5-880A-AEF47BF62D59}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [{E16095EB-9F07-420D-BE84-E30E2D59565B}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{DCEB4DE8-61CD-438D-94EA-7BFEE7290E0D}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{596C6835-35EB-498A-9BD4-45F801413581}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{44C32E63-BECC-4CA1-BE44-BC7188BA34EB}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{066C5284-EB4F-4A44-AADC-7C1511345C6E}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{B98A894F-DB48-424C-A587-4043F55923E5}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [TCP Query User{833D1E7E-1DCD-4C48-BDB6-A0CA7B3C2A4D}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [UDP Query User{1DB62961-6DDB-4F11-9B6A-15F75FD2DD00}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{7A99D5B2-C6BB-4DA3-AF3F-1680002CE529}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [UDP Query User{C281C72C-1B34-4AC4-B9D8-DAFBFAA15B7D}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [TCP Query User{C8B29D35-38AC-4270-85C9-E1EEA01F6EFC}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{91DB6CC1-F002-4EE3-8916-A64CC0980A6D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{9F6332EC-599A-40D2-B37B-6CCAFB239F9C}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [UDP Query User{5B36DA82-1354-48E1-98D7-BAEBB4CED574}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [TCP Query User{6955FEE2-E660-456C-97A9-3636807C10CD}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [UDP Query User{3DF502B7-FD68-4A07-AD98-731AE0AE2FDB}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [TCP Query User{E8338C5D-2998-41E5-9643-292AB4F04E71}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{330E584F-07A3-4DF9-A7B6-E4BBA72B088F}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{B4B26371-88C0-47EE-92F1-5C5FD0F280E0}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{EFACA561-0865-4A12-9B54-814418866A57}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [TCP Query User{6B851656-63BA-4B6D-A2AC-7A5BFF5E0738}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{7E0DF77D-2882-494E-9A47-B1B27740C942}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [{8E19345C-D5DB-4840-A593-C5A9D765D192}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{9A8723C1-7033-4168-A198-EA5D0011D7CD}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{89EE5730-0E57-410F-BC38-D395CD9B94A6}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{D3A3058D-B0EE-4E69-9419-E3415BFCC57A}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{12F484C1-7EB6-4F6B-835C-56B958F7B17F}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{3CD0BC0A-2604-43FB-BC03-F8C6CF8BA569}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{FFC3A4A0-9A3E-43D2-B780-4F8AA6764C2B}] => (Allow) D:\Programy\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{69AB1B59-2621-4A0C-9CF9-72AD16928985}] => (Allow) D:\Programy\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{F1990E33-2039-45BD-807B-9092AE13C339}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{C7BF748A-CCE4-413D-AA8F-809244C8CBCE}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [TCP Query User{29BF6B94-8ECC-44ED-977C-794A16299D5A}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [UDP Query User{D322BF38-E2CE-4A4D-BB41-B7572E056F09}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [TCP Query User{1AF29D4A-6340-428D-AE76-B5846F839654}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [UDP Query User{D4B4A09A-DEAD-4554-AEA7-8DDBBDCB8681}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [TCP Query User{30E7110B-32D5-40E9-89E7-5E0A20EDD0E0}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [UDP Query User{ACD773D6-4062-4F37-89BC-78AC3ADC2C40}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [TCP Query User{689421E6-56A0-4701-BD2E-322643720791}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [UDP Query User{313F8EE6-4EE1-4269-AA6D-8A3A4A80B7E6}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [TCP Query User{97ED2CD5-27A8-4096-A150-0492E9271CB4}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4CCF6581-14C2-4A98-A541-159D921F12F2}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5E892413-9062-44C3-AED3-6966A7DC1FF3}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [UDP Query User{762BF579-4401-4F45-A838-0E1050E95CD7}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [TCP Query User{98F8BCE9-EAD0-4432-90F0-018C8E331DE9}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [UDP Query User{3C978422-A79C-4581-8795-1987BE64335A}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [TCP Query User{4B2D3E17-50FD-4ECF-BE3D-FDC329D339AB}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{25406116-03F6-446A-89B8-6723D279E4F3}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{010AA98E-5B84-4027-A93A-6C6FC0E2360B}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [UDP Query User{FC07BEBF-6390-4017-AB86-0497896F9C6D}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [TCP Query User{CE3287AB-DC31-4C45-A488-2AFD160F7598}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{CD727281-7B37-4109-A98E-E3755656CC0D}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload

Hosts:
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

syslos
Visitor
Posts: 15
Registered: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#6 Post by syslos »

Fix result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by Sysel (27-08-2024 19:05:03) Run:1
Running from C:\Users\Sysel\Desktop
Loaded Profiles: Sysel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GalaxyClient] => [X]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (No File)
Task: {4ECED520-F214-4D6E-911C-47749677A34A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D} => C:\Program Files (x86)\Google\GoogleUpdater\129.0.6651.0\updater.exe [4906600 2024-08-11] (Google LLC -> Google LLC)
C:\Users\Sysel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu64.dll -> No File
FirewallRules: [TCP Query User{23A1CEE7-90FF-474F-842E-DABEB0919596}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{8C49988C-6732-43B6-822B-06AF8D51E2B0}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sysel\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{C2EAD904-A962-4430-8F18-FFEEC88DD069}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{0641D0A8-0CCD-40C6-ABE6-CA0D78442D23}] => (Allow) C:\Users\Sysel\AppData\Roaming\uTorrent\utorrent.exe => No File
FirewallRules: [{D8470CA1-A98B-4A96-8BED-EBCE1A1FEC20}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{34944E95-A2F5-4698-A2CE-338DE74E646D}] => (Allow) D:\Down\Red.Dead.Redemption.2.Ultimate.Edition.RGL.Rip-InsaneRamZes\Red Dead Redemption 2\RDR2.exe => No File
FirewallRules: [{0D65A1B8-ABAB-4849-B1E3-01B81A2AF123}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [{62B8D5AA-562D-4E48-B025-6A870265D4BC}] => (Allow) D:\Hry\SimCity 2013 Offline\SimCity\SimCity.exe => No File
FirewallRules: [TCP Query User{65D25CBF-68B0-4089-B9D4-102D36ED1BF0}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [UDP Query User{8FF88867-9BB2-463B-9477-96DF2A9A04AB}D:\hry\the sims 4\game\bin\ts4_x64.exe] => (Block) D:\hry\the sims 4\game\bin\ts4_x64.exe => No File
FirewallRules: [TCP Query User{259943CC-11E9-4442-8ADD-68D4571D59C1}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1FE347FD-9A6B-4594-8E84-9DB13D4C8586}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe] => (Block) D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe => No File
FirewallRules: [TCP Query User{A906A3CF-75AA-4A75-9E07-3C9DC04D6508}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{17DE4DCB-05AA-4CB7-ADB8-3983D337793C}D:\hry\wolfenstein new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{81649A25-BF09-482B-8B95-523CBEEA36E5}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [UDP Query User{514B9B7E-2BB9-4C51-B54A-455950873C0F}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe] => (Block) D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe => No File
FirewallRules: [TCP Query User{0D9DE676-6A1B-4E35-90D0-E4DAA82145DD}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [UDP Query User{9C6444D4-E496-4B5F-8B78-D13A8260F911}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe => No File
FirewallRules: [TCP Query User{918ECCD5-D437-4294-A772-3E9A4B45711D}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [UDP Query User{952FF2F7-81C9-4282-9FEC-43BC5A2230C0}D:\games\age of empires iii definitive edition the african royals\battleserver.exe] => (Block) D:\games\age of empires iii definitive edition the african royals\battleserver.exe => No File
FirewallRules: [TCP Query User{51433B84-45D7-4920-AC77-698466CA61D5}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [UDP Query User{82FACEA8-4F66-4103-A43F-4F5858B66F18}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe] => (Block) D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe => No File
FirewallRules: [TCP Query User{F1E40901-3762-4E73-96A6-D3FC7469EFBF}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{DB197F8E-DDF9-4F47-BCC4-C68B07C2512E}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{3A96A03F-32AA-4731-8F74-F91A1C773527}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [UDP Query User{B9452433-3059-4969-BC57-4D30D4EECCA7}D:\hry\need for speed heat\needforspeedheat.exe] => (Block) D:\hry\need for speed heat\needforspeedheat.exe => No File
FirewallRules: [TCP Query User{0AF3056A-DA73-4ACE-9C57-338E151D1F98}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [UDP Query User{883B843B-DBA5-4F3F-BBA6-8EA130CACBEB}D:\down\festival.tycoon.early.access\festivaltycoon.exe] => (Block) D:\down\festival.tycoon.early.access\festivaltycoon.exe => No File
FirewallRules: [TCP Query User{989539A0-3332-4B4A-B55D-D6A299C5830C}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [UDP Query User{3F3A6F36-32B3-4135-B91F-4DD74717A76F}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe] => (Block) D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe => No File
FirewallRules: [TCP Query User{CD67C3CE-2279-42DA-A485-AD82AF6AE751}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [UDP Query User{0819A883-227F-48EE-BE51-9EF011A9E889}D:\down\indoorlands.early.access\indoorlands.exe] => (Block) D:\down\indoorlands.early.access\indoorlands.exe => No File
FirewallRules: [TCP Query User{C2DCA2D7-B954-4795-9A2F-31366967DF38}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{FB46B4F5-87BB-471E-B781-1605B311DF5D}D:\hry\age of empires iv\reliccardinal.exe] => (Block) D:\hry\age of empires iv\reliccardinal.exe => No File
FirewallRules: [TCP Query User{A13859C0-6191-41BD-89A4-C2F8DE145660}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [UDP Query User{8A7B3C22-E7CB-4026-AE53-2C89998CF570}D:\hry\forza horizon 5\forzahorizon5.exe] => (Block) D:\hry\forza horizon 5\forzahorizon5.exe => No File
FirewallRules: [TCP Query User{4C6B9F0D-DC89-4C0F-BFE4-9C51A61F5242}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [UDP Query User{1BC78239-4F6B-4ADB-ADF6-E7C6CAB44535}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe] => (Block) D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe => No File
FirewallRules: [{FCACA640-1964-4BC7-9DEF-F7A677353DC1}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\RtWlan.exe => No File
FirewallRules: [{277E084D-CD12-4834-B149-2400EB5ED518}] => (Allow) C:\PROGRA~2\netis\USBWIR~1\Rtldhcp.exe => No File
FirewallRules: [{5FBBE0D4-2358-4E70-9FAD-E6479F7740B7}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{8BA88D34-886F-49D3-8E22-023FC28856E6}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{672246B4-D9F9-4760-9DDD-0CB61AD192E3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{2D6C2062-B12F-497B-83F6-257021AED866}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{5F00D6D1-1DFD-4F52-A171-D5957A5C05F3}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [{DA9D1287-C545-4055-B3EC-8981BD7B25B5}] => (Allow) C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe => No File
FirewallRules: [TCP Query User{AE4F077E-A4D4-44D4-BF9D-74B38C7AA96F}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [UDP Query User{1C03A703-F818-41A7-AB27-44769CCEBB54}D:\hry\firewatch\firewatch.exe] => (Block) D:\hry\firewatch\firewatch.exe => No File
FirewallRules: [TCP Query User{98848272-7885-48DA-8C4C-E41CAD576A0B}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [UDP Query User{1038D012-C9C4-4FED-9767-E2F56D1F5280}D:\hry\firewatch.v21.12.201\firewatch.exe] => (Block) D:\hry\firewatch.v21.12.201\firewatch.exe => No File
FirewallRules: [TCP Query User{E8D25CAC-2335-4A73-B38F-ACC9029EEA0A}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{D01CB5F3-0F67-4E69-AD27-836164DD6A9B}D:\hry\dying light\dyinglightgame.exe] => (Block) D:\hry\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{BFEE9F3F-D7F3-4CF7-BF46-4822FE8D389E}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [UDP Query User{77B22D07-1D2D-45B5-880A-AEF47BF62D59}D:\hry\call of duty - modern warfare remastered\h1-mod.exe] => (Block) D:\hry\call of duty - modern warfare remastered\h1-mod.exe => No File
FirewallRules: [{E16095EB-9F07-420D-BE84-E30E2D59565B}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{DCEB4DE8-61CD-438D-94EA-7BFEE7290E0D}] => (Allow) D:\Programy\programs\RM.exe => No File
FirewallRules: [{596C6835-35EB-498A-9BD4-45F801413581}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{44C32E63-BECC-4CA1-BE44-BC7188BA34EB}] => (Allow) D:\Programy\programs\NGStudio.exe => No File
FirewallRules: [{066C5284-EB4F-4A44-AADC-7C1511345C6E}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [{B98A894F-DB48-424C-A587-4043F55923E5}] => (Allow) D:\Programy\programs\UMI.exe => No File
FirewallRules: [TCP Query User{833D1E7E-1DCD-4C48-BDB6-A0CA7B3C2A4D}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [UDP Query User{1DB62961-6DDB-4F11-9B6A-15F75FD2DD00}D:\games\uncharted - legacy of thieves collection\u4.exe] => (Block) D:\games\uncharted - legacy of thieves collection\u4.exe => No File
FirewallRules: [TCP Query User{7A99D5B2-C6BB-4DA3-AF3F-1680002CE529}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [UDP Query User{C281C72C-1B34-4AC4-B9D8-DAFBFAA15B7D}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Block) C:\program files\amd\cnext\cnext\radeonsoftware.exe => No File
FirewallRules: [TCP Query User{C8B29D35-38AC-4270-85C9-E1EEA01F6EFC}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [UDP Query User{91DB6CC1-F002-4EE3-8916-A64CC0980A6D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe] => (Block) D:\hry\wolfenstein the new order\wolfneworder_x64.exe => No File
FirewallRules: [TCP Query User{9F6332EC-599A-40D2-B37B-6CCAFB239F9C}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [UDP Query User{5B36DA82-1354-48E1-98D7-BAEBB4CED574}D:\hry\surviving the aftermath\aftermath64.exe] => (Block) D:\hry\surviving the aftermath\aftermath64.exe => No File
FirewallRules: [TCP Query User{6955FEE2-E660-456C-97A9-3636807C10CD}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [UDP Query User{3DF502B7-FD68-4A07-AD98-731AE0AE2FDB}D:\hry\the last of us - part i\tlou-i.exe] => (Block) D:\hry\the last of us - part i\tlou-i.exe => No File
FirewallRules: [TCP Query User{E8338C5D-2998-41E5-9643-292AB4F04E71}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [UDP Query User{330E584F-07A3-4DF9-A7B6-E4BBA72B088F}G:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) G:\kingdom come deliverance\bin\win64\kingdomcome.exe => No File
FirewallRules: [TCP Query User{B4B26371-88C0-47EE-92F1-5C5FD0F280E0}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{EFACA561-0865-4A12-9B54-814418866A57}D:\hry\planet zoo\planetzoo.exe] => (Block) D:\hry\planet zoo\planetzoo.exe => No File
FirewallRules: [TCP Query User{6B851656-63BA-4B6D-A2AC-7A5BFF5E0738}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [UDP Query User{7E0DF77D-2882-494E-9A47-B1B27740C942}D:\hry\planetzoo\planetzoo.exe] => (Block) D:\hry\planetzoo\planetzoo.exe => No File
FirewallRules: [{8E19345C-D5DB-4840-A593-C5A9D765D192}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{9A8723C1-7033-4168-A198-EA5D0011D7CD}] => (Allow) E:\Down\The Sims 4\Game\Bin\TS4_x64.exe => No File
FirewallRules: [{89EE5730-0E57-410F-BC38-D395CD9B94A6}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{D3A3058D-B0EE-4E69-9419-E3415BFCC57A}] => (Allow) D:\Programy\arcai.com\aips.exe => No File
FirewallRules: [{12F484C1-7EB6-4F6B-835C-56B958F7B17F}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{3CD0BC0A-2604-43FB-BC03-F8C6CF8BA569}] => (Allow) D:\Programy\arcai.com\netcut_windows.exe => No File
FirewallRules: [{FFC3A4A0-9A3E-43D2-B780-4F8AA6764C2B}] => (Allow) D:\Programy\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{69AB1B59-2621-4A0C-9CF9-72AD16928985}] => (Allow) D:\Programy\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{F1990E33-2039-45BD-807B-9092AE13C339}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{C7BF748A-CCE4-413D-AA8F-809244C8CBCE}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [TCP Query User{29BF6B94-8ECC-44ED-977C-794A16299D5A}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [UDP Query User{D322BF38-E2CE-4A4D-BB41-B7572E056F09}D:\programy\microvirt\memuhyperv\memuhyper.exe] => (Block) D:\programy\microvirt\memuhyperv\memuhyper.exe => No File
FirewallRules: [TCP Query User{1AF29D4A-6340-428D-AE76-B5846F839654}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [UDP Query User{D4B4A09A-DEAD-4554-AEA7-8DDBBDCB8681}D:\games\uncharted - legacy of thieves collection\tll.exe] => (Block) D:\games\uncharted - legacy of thieves collection\tll.exe => No File
FirewallRules: [TCP Query User{30E7110B-32D5-40E9-89E7-5E0A20EDD0E0}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [UDP Query User{ACD773D6-4062-4F37-89BC-78AC3ADC2C40}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe] => (Block) F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe => No File
FirewallRules: [TCP Query User{689421E6-56A0-4701-BD2E-322643720791}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [UDP Query User{313F8EE6-4EE1-4269-AA6D-8A3A4A80B7E6}F:\enshrouded\enshrouded.exe] => (Block) F:\enshrouded\enshrouded.exe => No File
FirewallRules: [TCP Query User{97ED2CD5-27A8-4096-A150-0492E9271CB4}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [UDP Query User{4CCF6581-14C2-4A98-A541-159D921F12F2}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe] => (Block) F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe => No File
FirewallRules: [TCP Query User{5E892413-9062-44C3-AED3-6966A7DC1FF3}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [UDP Query User{762BF579-4401-4F45-A838-0E1050E95CD7}F:\fabledom.v1.02a\fabledom.exe] => (Block) F:\fabledom.v1.02a\fabledom.exe => No File
FirewallRules: [TCP Query User{98F8BCE9-EAD0-4432-90F0-018C8E331DE9}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [UDP Query User{3C978422-A79C-4581-8795-1987BE64335A}F:\vrising\vrising.exe] => (Block) F:\vrising\vrising.exe => No File
FirewallRules: [TCP Query User{4B2D3E17-50FD-4ECF-BE3D-FDC329D339AB}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{25406116-03F6-446A-89B8-6723D279E4F3}F:\vrising\vrising_server\vrisingserver.exe] => (Block) F:\vrising\vrising_server\vrisingserver.exe => No File
FirewallRules: [TCP Query User{010AA98E-5B84-4027-A93A-6C6FC0E2360B}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [UDP Query User{FC07BEBF-6390-4017-AB86-0497896F9C6D}F:\v rising\vrising.exe] => (Block) F:\v rising\vrising.exe => No File
FirewallRules: [TCP Query User{CE3287AB-DC31-4C45-A488-2AFD160F7598}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
FirewallRules: [UDP Query User{CD727281-7B37-4109-A98E-E3755656CC0D}F:\v rising\vrising_server\vrisingserver.exe] => (Block) F:\v rising\vrising_server\vrisingserver.exe => No File
C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
"C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4ECED520-F214-4D6E-911C-47749677A34A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ECED520-F214-4D6E-911C-47749677A34A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem129.0.6651.0{C587A6F8-50DD-48C3-9692-4205BC4B835D}" => removed successfully
C:\Users\Sysel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\AIMP => removed successfully
HKLM\Software\Classes\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\AIMP => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{23A1CEE7-90FF-474F-842E-DABEB0919596}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8C49988C-6732-43B6-822B-06AF8D51E2B0}C:\users\sysel\appdata\roaming\utorrent\utorrent.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2EAD904-A962-4430-8F18-FFEEC88DD069}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0641D0A8-0CCD-40C6-ABE6-CA0D78442D23}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8470CA1-A98B-4A96-8BED-EBCE1A1FEC20}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{34944E95-A2F5-4698-A2CE-338DE74E646D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0D65A1B8-ABAB-4849-B1E3-01B81A2AF123}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62B8D5AA-562D-4E48-B025-6A870265D4BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{65D25CBF-68B0-4089-B9D4-102D36ED1BF0}D:\hry\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8FF88867-9BB2-463B-9477-96DF2A9A04AB}D:\hry\the sims 4\game\bin\ts4_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{259943CC-11E9-4442-8ADD-68D4571D59C1}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1FE347FD-9A6B-4594-8E84-9DB13D4C8586}D:\hry\life is strange 2\lis2\binaries\win64\lis2-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A906A3CF-75AA-4A75-9E07-3C9DC04D6508}D:\hry\wolfenstein new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{17DE4DCB-05AA-4CB7-ADB8-3983D337793C}D:\hry\wolfenstein new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81649A25-BF09-482B-8B95-523CBEEA36E5}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{514B9B7E-2BB9-4C51-B54A-455950873C0F}D:\down\sniper.ghost.warrior.contracts.2.deluxe.arsenal.edition.steam.rip-insaneramzes\sniper ghost warrior contracts 2\win_x64\sgwcontracts2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0D9DE676-6A1B-4E35-90D0-E4DAA82145DD}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9C6444D4-E496-4B5F-8B78-D13A8260F911}D:\games\age of empires iii definitive edition the african royals\aoe3de_s.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{918ECCD5-D437-4294-A772-3E9A4B45711D}D:\games\age of empires iii definitive edition the african royals\battleserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{952FF2F7-81C9-4282-9FEC-43BC5A2230C0}D:\games\age of empires iii definitive edition the african royals\battleserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{51433B84-45D7-4920-AC77-698466CA61D5}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{82FACEA8-4F66-4103-A43F-4F5858B66F18}D:\down\dyson sphere program cz-chi v0.8.19.7863\dspgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F1E40901-3762-4E73-96A6-D3FC7469EFBF}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DB197F8E-DDF9-4F47-BCC4-C68B07C2512E}D:\hry\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3A96A03F-32AA-4731-8F74-F91A1C773527}D:\hry\need for speed heat\needforspeedheat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B9452433-3059-4969-BC57-4D30D4EECCA7}D:\hry\need for speed heat\needforspeedheat.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0AF3056A-DA73-4ACE-9C57-338E151D1F98}D:\down\festival.tycoon.early.access\festivaltycoon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{883B843B-DBA5-4F3F-BBA6-8EA130CACBEB}D:\down\festival.tycoon.early.access\festivaltycoon.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{989539A0-3332-4B4A-B55D-D6A299C5830C}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3F3A6F36-32B3-4135-B91F-4DD74717A76F}D:\down\forza.horizon.4.ultimate.edition.steam.rip-insaneramzes\forzahorizon4\forzahorizon4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CD67C3CE-2279-42DA-A485-AD82AF6AE751}D:\down\indoorlands.early.access\indoorlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0819A883-227F-48EE-BE51-9EF011A9E889}D:\down\indoorlands.early.access\indoorlands.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2DCA2D7-B954-4795-9A2F-31366967DF38}D:\hry\age of empires iv\reliccardinal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB46B4F5-87BB-471E-B781-1605B311DF5D}D:\hry\age of empires iv\reliccardinal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A13859C0-6191-41BD-89A4-C2F8DE145660}D:\hry\forza horizon 5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8A7B3C22-E7CB-4026-AE53-2C89998CF570}D:\hry\forza horizon 5\forzahorizon5.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4C6B9F0D-DC89-4C0F-BFE4-9C51A61F5242}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1BC78239-4F6B-4ADB-ADF6-E7C6CAB44535}D:\down\grand.theft.auto.the.trilogy.the.definitive.edition-p2p\gta san andreas - definitive edition\gameface\binaries\win64\sanandreas.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FCACA640-1964-4BC7-9DEF-F7A677353DC1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{277E084D-CD12-4834-B149-2400EB5ED518}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5FBBE0D4-2358-4E70-9FAD-E6479F7740B7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8BA88D34-886F-49D3-8E22-023FC28856E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{672246B4-D9F9-4760-9DDD-0CB61AD192E3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2D6C2062-B12F-497B-83F6-257021AED866}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5F00D6D1-1DFD-4F52-A171-D5957A5C05F3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA9D1287-C545-4055-B3EC-8981BD7B25B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AE4F077E-A4D4-44D4-BF9D-74B38C7AA96F}D:\hry\firewatch\firewatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1C03A703-F818-41A7-AB27-44769CCEBB54}D:\hry\firewatch\firewatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98848272-7885-48DA-8C4C-E41CAD576A0B}D:\hry\firewatch.v21.12.201\firewatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1038D012-C9C4-4FED-9767-E2F56D1F5280}D:\hry\firewatch.v21.12.201\firewatch.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E8D25CAC-2335-4A73-B38F-ACC9029EEA0A}D:\hry\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D01CB5F3-0F67-4E69-AD27-836164DD6A9B}D:\hry\dying light\dyinglightgame.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BFEE9F3F-D7F3-4CF7-BF46-4822FE8D389E}D:\hry\call of duty - modern warfare remastered\h1-mod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{77B22D07-1D2D-45B5-880A-AEF47BF62D59}D:\hry\call of duty - modern warfare remastered\h1-mod.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E16095EB-9F07-420D-BE84-E30E2D59565B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DCEB4DE8-61CD-438D-94EA-7BFEE7290E0D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{596C6835-35EB-498A-9BD4-45F801413581}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{44C32E63-BECC-4CA1-BE44-BC7188BA34EB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{066C5284-EB4F-4A44-AADC-7C1511345C6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B98A894F-DB48-424C-A587-4043F55923E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{833D1E7E-1DCD-4C48-BDB6-A0CA7B3C2A4D}D:\games\uncharted - legacy of thieves collection\u4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1DB62961-6DDB-4F11-9B6A-15F75FD2DD00}D:\games\uncharted - legacy of thieves collection\u4.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7A99D5B2-C6BB-4DA3-AF3F-1680002CE529}C:\program files\amd\cnext\cnext\radeonsoftware.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{C281C72C-1B34-4AC4-B9D8-DAFBFAA15B7D}C:\program files\amd\cnext\cnext\radeonsoftware.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C8B29D35-38AC-4270-85C9-E1EEA01F6EFC}D:\hry\wolfenstein the new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{91DB6CC1-F002-4EE3-8916-A64CC0980A6D}D:\hry\wolfenstein the new order\wolfneworder_x64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9F6332EC-599A-40D2-B37B-6CCAFB239F9C}D:\hry\surviving the aftermath\aftermath64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5B36DA82-1354-48E1-98D7-BAEBB4CED574}D:\hry\surviving the aftermath\aftermath64.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6955FEE2-E660-456C-97A9-3636807C10CD}D:\hry\the last of us - part i\tlou-i.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3DF502B7-FD68-4A07-AD98-731AE0AE2FDB}D:\hry\the last of us - part i\tlou-i.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E8338C5D-2998-41E5-9643-292AB4F04E71}G:\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{330E584F-07A3-4DF9-A7B6-E4BBA72B088F}G:\kingdom come deliverance\bin\win64\kingdomcome.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B4B26371-88C0-47EE-92F1-5C5FD0F280E0}D:\hry\planet zoo\planetzoo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EFACA561-0865-4A12-9B54-814418866A57}D:\hry\planet zoo\planetzoo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6B851656-63BA-4B6D-A2AC-7A5BFF5E0738}D:\hry\planetzoo\planetzoo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7E0DF77D-2882-494E-9A47-B1B27740C942}D:\hry\planetzoo\planetzoo.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8E19345C-D5DB-4840-A593-C5A9D765D192}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A8723C1-7033-4168-A198-EA5D0011D7CD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89EE5730-0E57-410F-BC38-D395CD9B94A6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3A3058D-B0EE-4E69-9419-E3415BFCC57A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12F484C1-7EB6-4F6B-835C-56B958F7B17F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3CD0BC0A-2604-43FB-BC03-F8C6CF8BA569}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FFC3A4A0-9A3E-43D2-B780-4F8AA6764C2B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69AB1B59-2621-4A0C-9CF9-72AD16928985}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F1990E33-2039-45BD-807B-9092AE13C339}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C7BF748A-CCE4-413D-AA8F-809244C8CBCE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{29BF6B94-8ECC-44ED-977C-794A16299D5A}D:\programy\microvirt\memuhyperv\memuhyper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D322BF38-E2CE-4A4D-BB41-B7572E056F09}D:\programy\microvirt\memuhyperv\memuhyper.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1AF29D4A-6340-428D-AE76-B5846F839654}D:\games\uncharted - legacy of thieves collection\tll.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D4B4A09A-DEAD-4554-AEA7-8DDBBDCB8681}D:\games\uncharted - legacy of thieves collection\tll.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{30E7110B-32D5-40E9-89E7-5E0A20EDD0E0}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{ACD773D6-4062-4F37-89BC-78AC3ADC2C40}F:\climber.sky.is.the.limit-goldberg\climber.sky.is.the.limit-goldberg\climber sky is the limit.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{689421E6-56A0-4701-BD2E-322643720791}F:\enshrouded\enshrouded.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{313F8EE6-4EE1-4269-AA6D-8A3A4A80B7E6}F:\enshrouded\enshrouded.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{97ED2CD5-27A8-4096-A150-0492E9271CB4}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4CCF6581-14C2-4A98-A541-159D921F12F2}F:\tell.me.why.repack-kaos\tme\binaries\win64\tme-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5E892413-9062-44C3-AED3-6966A7DC1FF3}F:\fabledom.v1.02a\fabledom.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{762BF579-4401-4F45-A838-0E1050E95CD7}F:\fabledom.v1.02a\fabledom.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98F8BCE9-EAD0-4432-90F0-018C8E331DE9}F:\vrising\vrising.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C978422-A79C-4581-8795-1987BE64335A}F:\vrising\vrising.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B2D3E17-50FD-4ECF-BE3D-FDC329D339AB}F:\vrising\vrising_server\vrisingserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{25406116-03F6-446A-89B8-6723D279E4F3}F:\vrising\vrising_server\vrisingserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{010AA98E-5B84-4027-A93A-6C6FC0E2360B}F:\v rising\vrising.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FC07BEBF-6390-4017-AB86-0497896F9C6D}F:\v rising\vrising.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CE3287AB-DC31-4C45-A488-2AFD160F7598}F:\v rising\vrising_server\vrisingserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CD727281-7B37-4109-A98E-E3755656CC0D}F:\v rising\vrising_server\vrisingserver.exe" => removed successfully
"C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 524984207 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 281591148 B
Windows/system/drivers => 31638881 B
Edge => 0 B
Chrome => 3196166952 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7504 B
NetworkService => 1360974 B
Sysel => 12136318 B

RecycleBin => 15506253 B
EmptyTemp: => 3.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:09:20 ====

Rudy
Site Admin
Posts: 119341
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PUAbundler:win32/candyopen detected

#7 Post by Rudy »

Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

syslos
Visitor
Posts: 15
Joined: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#8 Post by syslos »

No change. Defender still detects the same threat, which it reports as active.

Rudy
Site Admin
Posts: 119341
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PUAbundler:win32/candyopen detected

#9 Post by Rudy »

OK. Download and run AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it and let it work. When the scan finishes, delete everything it finds.

syslos
Visitor
Posts: 15
Joined: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#10 Post by syslos »

AVPTool found nothing. Defender still reports the same:

PUABundler:Win32/CandyOpen
Úroveň výstrahy: Nízké
Stav: Aktivní
Datum: 12.08.2024 18:54
Kategorie: Potenciálně nežádoucí software
Podrobnosti: Tento program má potenciálně nežádoucí chování.

Ovlivněné položky:
file: C:\Users\Sysel\AppData\Local\Temp\PM23FFWOMTQGKZILXXL9HRDOTEJBO.exe

However, I cannot see the affected file in that folder, and on top of that every new scan shows the same time - 12.08.2024 18:54.

Rudy
Site Admin
Posts: 119341
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: PUAbundler:win32/candyopen detected

#11 Post by Rudy »

That looks like some kind of nonsense. Clear the cache of all browsers, and you can delete the entire contents of this directory: C:\Users\Sysel\AppData\Local\Temp .

syslos
Visitor
Posts: 15
Joined: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#12 Post by syslos »

Deleted. Defender still insists on it :(

JaRon
Moderator
Posts: 15649
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: PUAbundler:win32/candyopen detected

#13 Post by JaRon »

I'll step in:
Scan once more with MBAM, and after cleaning post the current FRST logs.
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

syslos
Visitor
Posts: 15
Joined: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#14 Post by syslos »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-08.2024
Ran by Sysel (administrator) on DESKTOP-SRFASFD (Gigabyte Technology Co., Ltd. H310M S2 2.0) (29-08-2024 10:00:38)
Running from C:\Users\Sysel\Desktop\FRST64.exe
Loaded Profiles: Sysel
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(D:\Programy\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Programy\Malwarebytes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Programy\MBAMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2406.13.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [YKB 3000 Gaming Keyboard Driver] => C:\Program Files\YKB 3000\YKB 3000 Gaming Keyboard Driver.exe [2039808 2020-11-25] (TODO: <Company name>) [File not signed]
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14916448 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\Run: [MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3741224 2024-08-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Sysel\Desktop\Fliqlo.scr
HKLM\...\Windows x64\Print Processors\Canon TS5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFO.DLL [509952 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS5300 series: C:\WINDOWS\system32\CNMLMFO.DLL [940032 2019-07-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\127.0.6533.122\Installer\chrmstp.exe [2024-08-27] (Google LLC -> Google LLC)
Startup: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Boom3D.lnk [2022-08-23]
ShortcutTarget: Boom3D.lnk -> C:\Program Files\Global Delight\Boom 3D\Boom3D.exe (No File)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {8CE631C0-84D4-4268-94B7-0997DC47E758} - System32\Tasks\Boom 3D App Updater => C:\Program Files\Global Delight\AppUpdater\Updater.exe [6144 2021-11-12] () [File not signed]
Task: {62346122-3352-4535-9C81-3F99EAE6A825} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E7744179-33B8-4B5D-915C-3A29061C74FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14DD3B40-D097-4A27-BD28-7826D77AF057} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9115F801-D51B-4D29-809C-77A049189C53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4EC1F552-1A1F-4890-8CA8-F64E1BB4B71F} - System32\Tasks\MSILEDKeeper_Host => C:\Program Files (x86)\MSI\MysticLight\LEDKeeper.exe [1071760 2019-09-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {5E91275C-A9EF-4879-9BAA-122C513DB5F7} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {9146ADBE-171F-465B-9FB3-D23B03636733} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AF93ECCC-979A-44EB-AAA9-26CA56E57A66} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A161DD9-6B8B-4F85-B021-61B2158FA249} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {92B46CD6-86BB-4371-85B3-38DA420599B9} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4820E98F-546D-4524-ACF1-DD6817B31658} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0A2B380C-7067-4C03-BF15-48E975114B31} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD94C078-18F4-4B42-A633-6608163CFD58} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A6FDDF5C-2B2F-4B65-9098-2C5E214D013D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3CFEAD62-653A-43F3-96B5-8FB17B844F5A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2ef07428-8c3a-4cc7-a4ec-a24488856898}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}: [DhcpDomain] home
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\55053413630363036353: [DhcpDomain] docsis.vodafone.cz
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2735343D25374: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2838333: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d229fd38-bcf5-4aed-a4e4-fe3774f964d9}\F423D294E6475627E65647D2838333: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Sysel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default [2024-08-29]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Extension: (Překladač Google) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-07-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-08-27]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-08-24]
CHR Extension: (Violentmonkey) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jinjaccalgkegednnccohejagnlnfdag [2024-07-09]
CHR Extension: (Morpheon Dark) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2024-03-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-15]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-08-27]
CHR Profile: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\System Profile [2024-08-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [2568840 2024-07-21] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; D:\Programy\MBAMService.exe [8965728 2024-08-28] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; D:\Programy\MBVpnTunnelService.exe [3073888 2024-08-28] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MysticLight2_Service; C:\Program Files (x86)\MSI\MysticLight\MysticLight2_Service.exe [34976 2018-12-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Rockstar Service; D:\Programy\Launcher\RockstarService.exe [2332976 2021-10-24] (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522096 2024-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RTLDHCPService; C:\Program Files (x86)\netis\USB Wireless LAN Utility\RTLDHCP.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25560 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-10-09] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [19968 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 FXVAD; C:\WINDOWS\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-08-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [201280 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78928 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-08-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2024-08-28] (Malwarebytes Inc. -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [43664 2023-11-13] (Chongqing NIUBI Technology Co., Ltd. -> )
R3 MpKsl649f3307; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EA7F9D48-27FF-4BE5-98A4-B12095ADBF88}\MpKslDrv.sys [271640 2024-08-28] (Microsoft Windows -> Microsoft Corporation)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MysticLight\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTCore64; D:\Programy\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602504 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
S3 TRIXX; \??\C:\Users\Sysel\AppData\Local\Temp\TRIXX.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-29 10:00 - 2024-08-29 10:01 - 000019165 _____ C:\Users\Sysel\Desktop\FRST.txt
2024-08-28 15:09 - 2024-08-28 16:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\Malwarebytes
2024-08-28 15:09 - 2024-08-28 15:09 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-08-28 15:09 - 2024-08-28 15:09 - 000000664 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-08-28 15:09 - 2024-08-28 15:09 - 000000664 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-08-28 15:08 - 2024-08-28 15:08 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-08-28 15:07 - 2024-08-28 15:07 - 279713832 _____ (Malwarebytes) C:\Users\Sysel\Desktop\MBSetup-076981.076981-5.1.9.124.exe
2024-08-27 20:23 - 2024-08-27 20:50 - 000000000 ____D C:\KVRT2020_Data
2024-08-27 20:20 - 2024-08-27 20:23 - 111409520 _____ (AO Kaspersky Lab) C:\Users\Sysel\Desktop\KVRT.exe
2024-08-27 17:58 - 2024-08-27 17:58 - 008790880 _____ (Malwarebytes) C:\Users\Sysel\Desktop\AdwCleaner.exe
2024-08-27 17:43 - 2024-08-27 19:10 - 088866816 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-08-27 17:42 - 2024-08-27 17:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-08-27 17:23 - 2024-08-29 10:00 - 000000000 ____D C:\FRST
2024-08-27 17:23 - 2024-08-27 17:23 - 002397184 _____ (Farbar) C:\Users\Sysel\Desktop\FRST64.exe
2024-08-27 16:27 - 2024-08-27 16:27 - 000000889 _____ C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\adwcleaner(3).lnk
2024-08-24 20:32 - 2024-08-24 20:32 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-08-24 20:32 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-08-24 20:32 - 2024-06-11 22:19 - 002900520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-08-24 20:32 - 2024-06-11 22:19 - 002231336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-08-24 20:32 - 2024-06-11 22:18 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000180760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-08-24 20:32 - 2024-03-26 21:11 - 000159768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-08-24 20:25 - 2024-08-24 20:25 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2024-08-24 20:22 - 2024-08-14 12:00 - 000121872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-08-24 20:21 - 2024-08-15 03:31 - 025312928 _____ C:\WINDOWS\system32\nvidia-pcc.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 002040584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001583888 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001446800 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 001296656 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000477824 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:31 - 000374936 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 001078944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000669824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-08-24 20:21 - 2024-08-15 03:28 - 000505904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 002178712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001629312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001547440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001202712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 001034400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-08-24 20:21 - 2024-08-15 03:27 - 000856600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-08-24 20:21 - 2024-08-15 03:27 - 000796808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 014270088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:26 - 000461976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-08-24 20:21 - 2024-08-15 03:25 - 016200344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 006914184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005910152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 005349000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 003788416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-08-24 20:21 - 2024-08-15 03:25 - 000853128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-08-24 20:21 - 2024-08-15 03:24 - 007133024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-08-24 20:21 - 2024-08-15 03:24 - 006212736 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-08-24 20:21 - 2024-08-14 12:00 - 000127247 _____ C:\WINDOWS\system32\nvinfo.pb
2024-08-24 20:16 - 2024-08-24 20:20 - 701110360 _____ (NVIDIA Corporation) C:\Users\Sysel\Desktop\560.94-desktop-win10-win11-64bit-international-dch-whql.exe
2024-08-24 19:37 - 2024-03-26 21:11 - 000059928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2024-08-24 19:37 - 2024-03-26 19:21 - 000060240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\Documents\Ghost of Tsushima DIRECTOR'S CUT
2024-08-24 19:36 - 2024-08-24 19:36 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Sucker Punch Productions
2024-08-24 18:59 - 2024-08-27 22:09 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\kebug
2024-08-24 14:57 - 2024-08-24 14:57 - 000106496 _____ (PCGameBenchmark) C:\Users\Sysel\Desktop\PCGameBenchmark_Detector.exe
2024-08-19 21:38 - 2024-08-19 21:38 - 000000000 ___HD C:\$WinREAgent
2024-08-12 18:53 - 2024-08-12 18:53 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\Wise

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-08-29 09:40 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA
2024-08-29 09:39 - 2021-04-15 19:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-08-28 16:24 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-08-28 15:09 - 2021-04-15 19:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-08-28 15:09 - 2021-04-15 19:35 - 000000000 ____D C:\WINDOWS\INF
2024-08-27 22:09 - 2022-08-23 11:56 - 000000000 ____D C:\Users\Sysel\AppData\Local\Boom 3D
2024-08-27 19:17 - 2021-04-15 19:37 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2024-08-27 19:17 - 2021-04-15 19:37 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2024-08-27 19:17 - 2021-04-15 18:53 - 001693568 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-08-27 19:10 - 2023-07-15 20:50 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2024-08-27 19:10 - 2021-04-15 19:32 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-08-27 19:10 - 2021-04-15 18:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-08-27 19:10 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2024-08-27 19:08 - 2023-03-23 19:40 - 000000000 ____D C:\Users\Sysel\AppData\LocalLow\Temp
2024-08-27 18:47 - 2021-04-15 18:52 - 000000000 ____D C:\Users\Sysel\AppData\Local\D3DSCache
2024-08-27 18:11 - 2022-02-27 19:48 - 000000000 ____D C:\Users\Sysel\AppData\Roaming\qBittorrent
2024-08-27 17:20 - 2023-10-07 16:01 - 000000445 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2024-08-27 17:04 - 2021-04-15 20:09 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-08-27 16:35 - 2021-12-18 18:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ___HD C:\Program Files\WindowsApps
2024-08-27 16:35 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-08-27 16:09 - 2020-11-18 18:00 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-08-25 16:03 - 2022-06-13 18:19 - 000000000 ____D C:\Users\Sysel\AppData\Local\CrashDumps
2024-08-25 14:26 - 2021-09-01 13:04 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA Corporation
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\Users\Sysel\AppData\Local\NVIDIA
2024-08-24 20:38 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-08-24 20:32 - 2023-07-15 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-16 18:26 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-08-24 20:32 - 2021-04-15 19:23 - 000000000 ____D C:\ProgramData\Package Cache
2024-08-24 20:25 - 2023-07-15 21:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-08-24 14:57 - 2020-09-27 09:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-08-22 21:20 - 2021-04-15 18:42 - 000404104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-08-22 21:19 - 2023-10-07 15:55 - 000000000 ____D C:\Program Files\Hyper-V
2024-08-22 21:19 - 2023-07-15 21:09 - 000000000 ___SD C:\WINDOWS\system32\lxss
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\SystemResources
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\setup
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\Provisioning
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-08-22 21:19 - 2021-04-15 19:36 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-08-19 21:49 - 2021-04-15 19:33 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-08-19 21:45 - 2021-04-15 18:44 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-08-17 21:05 - 2021-04-17 15:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-08-17 21:03 - 2021-04-17 15:31 - 197093640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-08-10 22:27 - 2021-04-15 18:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2022-07-25 21:38 - 2022-07-27 12:02 - 000000813 _____ () C:\Users\Sysel\AppData\Roaming\DESKTOP-SRFASFD.MTBF.txt
2021-05-01 19:41 - 2021-05-01 19:46 - 000012288 _____ () C:\Users\Sysel\AppData\Roaming\emp.bin
2023-11-10 11:28 - 2023-11-10 11:35 - 000000016 _____ () C:\Users\Sysel\AppData\Roaming\msregsvv.dll
2023-07-15 22:27 - 2023-07-15 22:27 - 000000291 _____ () C:\Users\Sysel\AppData\Local\ledConfiguration.config
2023-07-15 22:27 - 2023-07-15 22:42 - 000000747 _____ () C:\Users\Sysel\AppData\Local\NvidiaLEDVisualizer.config

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-08.2024
Ran by Sysel (29-08-2024 10:01:40)
Running from C:\Users\Sysel\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.4780 (X64) (2021-04-15 16:52:26)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-11058042-1712766284-1418202981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-11058042-1712766284-1418202981-503 - Limited - Disabled)
Guest (S-1-5-21-11058042-1712766284-1418202981-501 - Limited - Disabled)
Sysel (S-1-5-21-11058042-1712766284-1418202981-1001 - Administrator - Enabled) => C:\Users\Sysel
WDAGUtilityAccount (S-1-5-21-11058042-1712766284-1418202981-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Assassins Creed Origins The Curse of the Pharaohs (HKLM-x32\...\Assassins Creed Origins The Curse of the Pharaohs_is1) (Version: - )
Audacity 3.4.2 (HKLM\...\Audacity_is1) (Version: 3.4.2 - Audacity Team)
BS.Player PRO (HKLM-x32\...\BSPlayerp) (Version: 2.74.1085 - AB Team, d.o.o.)
Creative Pack Volume 1 (HKLM\...\{997BE27F-A97F-4EF4-B841-D20ABF1CD6DC}) (Version: 4.0.0 - Corel Corporation)
CustomsForge Song Manager - Latest Build 1.6.0.1 (HKLM-x32\...\58F35625-541C-493A-A289-4B2D362DAFE0_is1) (Version: 1.6.0.1 - CustomsForge)
Days Gone (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\FLT_Days Gone) (Version: - )
Dazzle Video Capture DVC100 X64 Driver 1.08 (HKLM-x32\...\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}) (Version: 1.08.0000 - Pinnacle)
Dynamic Application Loader Host Interface Service (HKLM\...\{F8197FEC-9FA0-4488-AC9D-38E67D58FDAC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ENE RGB HAL (HKLM\...\{B380DBDE-BA95-481B-92E9-52F2E5E84F24}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{adbc3d98-57f2-4d68-b155-138f8fb0f73d}) (Version: 1.00.15 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM\...\{BC5E0A82-C638-44CB-8129-20C8ED70DE7A}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_DRAM_RGB_AURA42 (HKLM-x32\...\{f3d7fb09-b93f-4c01-a765-0b0adc5bc746}) (Version: 1.00.02 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{1CD178C9-BB49-4E59-9DA6-3C152E2A9844}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{fe81cfd3-9db4-409d-b0f9-26707d1423c6}) (Version: 1.00.01 - ENE TECHNOLOGY INC.) Hidden
Geeks3D FurMark 1.25.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: 1.25.1.0 - Geeks3D)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 127.0.6533.122 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2372.2 - Rockstar Games)
Grim Dawn (HKLM-x32\...\Grim Dawn_is1) (Version: - )
Guitar Rig 6 (HKLM\...\Guitar Rig 6 Pro_is1) (Version: 6.0.3 - Native Instruments & Team V.R)
Heavy Rain (HKLM-x32\...\Heavy Rain_is1) (Version: - )
Hogwarts Legacy (HKLM-x32\...\Hogwarts Legacy_is1) (Version: 0.0.0 - DODI-Repacks)
INDIKA - CZ (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\INDIKA - CZ) (Version: - )
Intel(R) Chipset Device Software (HKLM\...\{44C34709-F068-4CBC-8A71-515EDBC3B2A6}) (Version: 10.1.18383.8213 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{afad3740-3061-4b48-a9ab-6f1435cb3dd6}) (Version: 10.1.18383.8213 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{456B5CCF-722F-4AC9-9490-3C9FCADEEEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{AD1C4C82-ED20-4DD6-A5BA-DA8748D1AF98}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2020.14.0.1600 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{B8179F2A-010B-4F9C-AFA1-FB38E4D387A8}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{BAA8CB3F-7E98-4064-8ED5-3C116C15EF13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{E22D7631-A5A7-4483-9E20-7C91E447B94C}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kingdom Come: Deliverance - A Woman's Lot (HKLM-x32\...\1460218995_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.9.6-404-504czj3 - GOG.com)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Life is Strange 2 (HKLM-x32\...\Life is Strange 2_is1) (Version: 0.0.0 - DODI-Repacks)
Malwarebytes version 5.1.9.124 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.1.9.124 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 128.0.2739.42 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Minimal ADB and Fastboot version 1.4.3 (HKLM-x32\...\{B561660D-8B3C-491D-9E3E-293F14FCAADA}_is1) (Version: 1.4.3 - Samuel Rodberg)
Modern Warfare Remastered v.1.15.1251288.0 (HKLM-x32\...\{6033673D-2930-7711-3AD2-EB059FC263F9}_is1) (Version: - RePack by Canek77)
MSI Afterburner 4.6.4 Beta 3 (HKLM-x32\...\Afterburner) (Version: 4.6.4 Beta 3 - MSI Co., LTD)
MSI MysticLight (HKLM-x32\...\{93874B70-6C5E-446A-AF4D-E5AC776A0386}}_is1) (Version: 3.0.0.70 - MSI)
NewBlue Effects (HKLM\...\{C68BAB1A-C7DF-4D81-83FC-981B31921924}) (Version: 2.1.0 - Corel Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA LED Visualizer 1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.LEDVisualizer) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.0.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Paint Shop Pro 7 ESD (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.0.0000 - Jasc Software Inc)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.0 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.46.1231.2020 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2_is1) (Version: - )
RivaTuner Statistics Server 7.3.2 Beta 2 (HKLM-x32\...\RTSS) (Version: 7.3.2 Beta 2 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.37.349 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
Sapphire TRIXX 8.6.0 (HKLM-x32\...\{49272457-BEDE-4A3A-808F-7BBD4840E85B}_is1) (Version: 8.6.0 - Sapphire)
ScoreFitter Volumes 1-2 (HKLM\...\{5CA29919-6361-4A17-91C5-6819E43794B1}) (Version: 3.0 - Corel Corporation)
Sims 4 Mod Manager version b1.0.9 (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\{0A555FCD-A8E3-47F6-B776-033D8017BFDC}_is1) (Version: b1.0.9 - GameTimeDev)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.99.305.1020 - Electronic Arts Inc.)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 4.02_Hotfix - GOG.com)
Title Extreme (HKLM\...\{3B519225-B4B2-40B7-A431-3C6AAE2831B4}) (Version: 3.0 - Corel Corporation)
TP-Link Archer T2U Plus Driver (HKLM-x32\...\{D646A985-33A6-4D98-973F-44CC267BD834}) (Version: 2.1.0 - TP-Link)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Wondershare Filmora 11(Build 11.0.10.2) (HKLM\...\Wondershare Filmora 11_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
YKB 3000 Gaming Keyboard Driver (HKLM-x32\...\YKB 3000 Gaming Keyboard Driver) (Version: V1.01n - YENKEE)

Chrome apps:
============
YouTube Music (HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\7d0759e527abc1afd161532a334cc2fe) (Version: 1.0 - Google\Chrome)

Packages:
=========

AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.2.1293.0_x64__8wekyb3d8bbwe [2024-06-09] (Microsoft Corporation)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2023-11-16] (Canon Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-07-25] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-16] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-08-24] (NVIDIA Corp.)
Pantone Color of the Year 2022 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.PantoneColoroftheYear2022_1.0.0.0_neutral__8wekyb3d8bbwe [2023-11-07] (Microsoft Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.20.235.0_x64__dt26b99r8h8gj [2023-06-10] (Realtek Semiconductor Corp)
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-23] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-11058042-1712766284-1418202981-1001_Classes\CLSID\{e1a7f602-67b7-44f7-ad19-439e41f06cd8}\localserver32 -> "C:\Program Files\Global Delight\Boom 3D\Boom3D.exe" -ToastActivated => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\mbshlext.dll [2024-08-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_78cd02ab022cd554\nvshext.dll [2024-08-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\mbshlext.dll [2024-08-28] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2023-08-06] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sysel\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cinhimbnkkaeohfgghhklpknlkffjgod\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\Sysel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\YouTube Music.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod

==================== Loaded Modules (Whitelisted) =============

2023-07-15 22:55 - 2017-08-02 14:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\MysticLight\LEDControl.dll
2020-01-13 13:51 - 2020-01-13 13:51 - 000210432 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2019-10-22 02:16 - 2019-10-22 02:16 - 000264704 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2019-11-06 14:09 - 2019-11-06 14:09 - 000190976 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_DRAM_RGB_AURA42\x86\AacHal_x86.dll
2019-06-28 10:51 - 2019-06-28 10:51 - 000184832 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE_EHD_M2_HAL\AacHal_x86.dll
2023-07-15 22:55 - 2018-11-14 23:08 - 002200784 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files (x86)\MSI\MysticLight\IcMSIDll.dll
2021-04-16 18:07 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-07-15 22:55 - 2016-10-03 13:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\MysticLight\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-15 19:36 - 2024-08-27 19:05 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2023-10-07 16:01 - 2024-08-27 17:20 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.32.1 DESKTOP-SRFASFD.mshome.net # 2029 8 0 26 15 20 48 831

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-11058042-1712766284-1418202981-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sysel\Pictures\wallpaper-mania.com_High_resolution_wallpaper_background_ID_77700001659.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi 3: TP-Link Wireless USB Adapter -> rtwlanu.sys
Ethernet: Realtek Gaming GbE Family Controller -> rt640x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_vfpext: Microsoft Azure VFP Switch Extension
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "YKB 3000 Gaming Keyboard Driver"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\StartupFolder: => "Boom3D.lnk"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-11058042-1712766284-1418202981-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_034C0662AD04BF19A02F5311BBF66569"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C4C5FBC2-D058-4C3E-B956-5616A11F3565}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3A28D871-FD36-4243-9651-597AA33A826C}] => (Allow) D:\Programy\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F7B0B944-B267-4D80-8CE6-B94DF75B746D}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7BF9B97D-51F3-43BF-977E-6E9CFFE0B487}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{762B8DC1-B6F3-4217-B868-6BBFB2501B58}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{FC341532-D3FA-489F-A0CC-C86EF585F0A6}] => (Allow) D:\Programy\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{689E6190-A0CF-4D0A-A189-761E02E1D4CE}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{559DB2A7-0A44-49A4-9716-FCCA6F92DEB6}D:\hry\grand theft auto v\gta5.exe] => (Block) D:\hry\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games) [File not signed]
FirewallRules: [{C694B2A3-AA51-49DC-9847-00A31CC018F9}] => (Allow) LPort=1542
FirewallRules: [{EFA625FA-4A5C-46C3-B8B4-A200C5470FBF}] => (Allow) LPort=1542
FirewallRules: [{37153D3B-B556-4E1C-A738-820CC63E772D}] => (Allow) LPort=53
FirewallRules: [{CBF19A06-A456-4C54-A371-FA3CF28E4C53}] => (Allow) LPort=53
FirewallRules: [{7BA01785-BBEC-4FDD-B5CD-77582B42636E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C6CFAB22-6647-421B-A7A2-5AF6B3236466}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{4EB754EA-5E5F-4955-A908-A1D2FC9C2D57}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{BFE63AB1-9C3B-4360-B4D4-4C0E3877C37A}] => (Allow) D:\Programy\Steam\steamapps\common\Rocksmith2014\Rocksmith2014.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{206093AF-1F37-4FBA-85A3-FCEAE906ADC7}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [{6D4EF899-4E64-45BD-BFE6-C0527007AD17}] => (Allow) D:\Hry\Red Dead Redemption 2\RDR2.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{B8B7503B-D1BF-4419-BD3A-6E1899DD18D7}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [UDP Query User{2FF3FAE1-F2A3-44A5-A6CA-D49B8CE54C74}D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Block) D:\hry\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [File not signed]
FirewallRules: [{9E8A40A0-10E9-41F0-92F6-FE2AD5C5DF89}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{E7323F3B-BF56-47EC-A91C-2487934CC1C3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [TCP Query User{12F28879-48CB-412A-B96F-C8C1A8F9076C}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [UDP Query User{E47410DA-76AA-4E7D-85E3-EFF470FA38D3}F:\dying light\dyinglightgame.exe] => (Block) F:\dying light\dyinglightgame.exe => No File
FirewallRules: [TCP Query User{113875F6-83C9-4690-A0F7-ED6E88B666F7}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [UDP Query User{8DFE5DD2-F82F-4F80-9802-979E63EFBB3D}D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe] => (Block) D:\hry\polylithic.early.access\polylithic.early.access\polylithic.exe () [File not signed]
FirewallRules: [TCP Query User{316CBD2F-67BA-4B56-B721-2E05AE7D3660}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [UDP Query User{250F37B0-B3EB-4D05-80F9-96A2A1DB09C2}F:\heavy rain\heavyrain.exe] => (Block) F:\heavy rain\heavyrain.exe () [File not signed]
FirewallRules: [TCP Query User{D979709A-D374-4383-B30A-648D667F76C3}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{E1D70A88-B79B-48DF-8D79-8F10FE670566}F:\kingdom come deliverance\bin\win64\kingdomcome.exe] => (Block) F:\kingdom come deliverance\bin\win64\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{B58F636A-1489-456A-8592-AAD6A07A6C5B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0DD4EA35-FF70-46CB-B016-D70DEF6D661F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8B882604-C966-443A-B933-F849896B555A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F8E63711-74F3-47DF-BC22-7367A48C3BA4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.126.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{90652C57-1F8B-4C87-86C0-B8F4BCD90EC0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CF71C379-E184-4835-83F0-85AEE64969F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2A34FFC1-F432-49C6-960F-F50448070C07}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8C3E0872-B569-4339-B8FB-4872AE5C6C04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8B6D8B8F-E03B-4E87-AC8C-C51226372913}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CC245BE1-B8C2-49D5-A901-62DBB3ACFBFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{03E8255C-0D76-41A4-BFE0-7C4E67AA15FD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0BA4CE96-6F34-4A93-9AE1-4527EA0D1902}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\128.0.2739.42\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{56D32386-3722-4EAC-82D9-42B35443B5D6}] => (Allow) LPort=26820
FirewallRules: [{C0E4436B-5E4D-44C7-8B16-10D1BE64E510}] => (Allow) LPort=26822

==================== Restore Points =========================

25-08-2024 20:30:44 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/27/2024 10:10:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program bsplayer.exe verze 2.7.4.1085 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 13f4

Čas spuštění: 01daf8b71dcd33aa

Čas ukončení: 4294967295

Cesta k aplikaci: D:\Programy\BSplayerPro\bsplayer.exe

ID hlášení: ccf0778c-cd9c-4c0c-807d-35e5976df270

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (08/27/2024 05:58:43 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (08/25/2024 04:03:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0xe30
Čas spuštění chybující aplikace: 0x01daf6f654f397f8
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: 6d6201fa-6a5b-46df-b9cb-99d765bde498
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 09:52:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Název chybujícího modulu: GhostOfTsushima.exe, verze: 1053.0.515.2048, časové razítko: 0x664503dd
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034a3d68
ID chybujícího procesu: 0x15cc
Čas spuštění chybující aplikace: 0x01daf65e606fd554
Cesta k chybující aplikaci: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
Cesta k chybujícímu modulu: F:\Ghost of Tsushima DC\GhostOfTsushima.exe
ID zprávy: c7a12db1-6ee6-446a-927a-e4dd6df3d9d7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (08/24/2024 08:32:57 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač..

Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (08/24/2024 05:17:53 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Instalace (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 04:35:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (08/24/2024 03:16:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (08/29/2024 09:39:51 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (08/28/2024 03:05:16 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (08/27/2024 07:12:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/27/2024 07:12:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (08/27/2024 07:10:19 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.

Error: (08/27/2024 07:05:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/27/2024 07:05:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/27/2024 07:05:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2024-08-27 20:59:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BF6A1B4E-C388-4FD9-BE19-85B467EC3F05}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Vlastní prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel

Date: 2024-08-27 18:46:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D34BE5CC-CCFE-44F2-A20D-BE062F63BBC1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-27 18:20:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET\MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe; file:_C:\Users\Sysel\Desktop\Nepotvrzeno 743115.crdownload->MalwareBytes_Anti-Malware_Keygen_v1.7_URET\MalwareBytes_Anti-Malware_Keygen_v1.7_URET.rar->MalwareBytes_Anti-Malware_Keygen_v1.7_URET.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-SRFASFD\Sysel
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.417.346.0, AS: 1.417.346.0, NIS: 1.417.346.0
Verze modulu: AM: 1.1.24070.3, NIS: 1.1.24070.3

Date: 2024-08-27 16:54:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {190F1FC4-F5D4-4700-AE00-B95A2E4A5BA8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-08-27 16:41:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B507C04E-C47A-4317-B5DF-FDE41A871E65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-SRFASFD\Sysel
Event[0]:

Date: 2024-08-27 17:04:43
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Zálohování
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.198.0;1.409.198.0
Verze modulu: 1.1.24030.4

Date: 2024-04-14 12:09:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Verze bezpečnostních informací: 1.409.248.0;1.409.248.0
Verze modulu: 1.1.24030.4

Date: 2023-10-07 15:55:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.194.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-04-20 20:24:33
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1554.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-08-29 10:02:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Programy\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2024-08-29 09:56:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Programy\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F12 08/13/2019
Motherboard: Gigabyte Technology Co., Ltd. H310M S2 2.0
Processor: Intel(R) Core(TM) i3-9100F CPU @ 3.60GHz
Percentage of memory in use: 29%
Total physical RAM: 16328.12 MB
Available physical RAM: 11488.79 MB
Total Virtual: 18760.12 MB
Available Virtual: 13300.95 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:118.7 GB) (Free:15.56 GB) (Model: Apacer AS350 128GB) NTFS
Drive d: (Instalace) (Fixed) (Total:931.5 GB) (Free:345.54 GB) (Model: TOSHIBA HDWD110) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:287.62 GB) (Model: WDC WD5000AAKX-60U6AA0) NTFS
Drive f: (Gaming) (Fixed) (Total:953.87 GB) (Free:778.57 GB) (Model: Verbatim Vi550 S3) NTFS

\\?\Volume{6cbf6b1f-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{6cbf6b1f-0000-0000-0000-40b01d000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================

syslos
Visitor
Posts: 15
Registered: 27 Aug 2024 16:26

Re: PUAbundler:win32/candyopen detected

#15 Post by syslos »

I apologize, I posted an old log. I'll make a new one.

Locked