Strange behavior


Re: Strange behavior

Post by zik9 » 12 Oct 2021 00:07

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\Kuba\AppData\LocalLow\Unity deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\lockfile" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\000003.log" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\LOCK" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\LOG" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\MANIFEST-000001" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb" not deleted

==== Orphaned Tasks deleted from Registry ======================

Zoner.Updater.S-1-5-21-2166569075-3562328185-4131405611-1001 deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\5cjkuezs.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\5cjkuezs.default-release
3EF95A14071D861A722DF6ED066C54A1 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
- C:\Users\Kuba\AppData\Roaming\Zoom\bin\npzoomplugin.dll - [?]


==== Chromium Look ======================

Google Chrome Version: 94.0.4606.71

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ahkjpbeeocnddjkakilopmfdlnjdpcdm - https://chrome.google.com/webstore/deta ... fdlnjdpcdm[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

BTTV - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
SIH - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
VS Launcher - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhicdplfejcchpmimlnohfadpimciaa
Videostream for Google Chromecast™ - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl
Mailto for Gmail™ - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn
Rizikové weby - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddkbojnnljflgkjchlpjlhpfhhbeefk
Video DownloadHelper - Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk
SIH - Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl
VS Launcher - Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmhicdplfejcchpmimlnohfadpimciaa
Mailto for Gmail™ - Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn
Malwarebytes Browser Guard - Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee
Imagus - Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\immpkjjlgappgfkkfieppnmlhakdmaab
Chrome Media Router - LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Rich Hints Agent - Kuba\Appdata\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk
Amazon Assistant Promotion - Kuba\Appdata\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\LUDK~1\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\LUDK~1\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
C:\Users\LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\LUDK~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\LUDK~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Kuba\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kuba\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\Kuba\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Kuba\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully
C:\Users\LUDK~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\LUDK~1\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=214 folders=2125 236870869 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kuba\AppData\Local\Temp will be emptied at reboot
C:\Users\LUDK~1\AppData\Local\Temp emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Kuba\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB\lockfile" not found
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\000003.log" not found
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\LOCK" not found
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\LOG" not found
"C:\Users\Kuba\AppData\Roaming\LGHUB\Local Storage\leveldb\MANIFEST-000001" not found
"C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Users\Kuba\AppData\Roaming\LGHUB" not found

==== EOF on 11.10.2021 at 23:29:23,15 ======================
Fractal Design Define S2 bílá // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behavior

Post by zik9 » 12 Oct 2021 00:07

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  11.10.2021 23:55:02
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:09
Zkontrolované objekty    :  2302
Zjištěné objekty    :  4
Vyloučené objekty    :  0
Automatické odesílání    :  Ne
Operační systém    :  Windows 10 x64
Procesor    :  16X AMD Ryzen 7 3700X 8-Core Processor
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  14069979D962724A9EE1D0


Odhalení
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\kuba\appdata\local\google\chrome\user data\default\extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Ochrana Kaspersky
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  c:\users\kuba\appdata\local\google\chrome\user data\default\extensions\iddkbojnnljflgkjchlpjlhpfhhbeefk
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Rizikové weby
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  https://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
Vydavatel    :  
Velikost    :  0
Odhalení    :  HijackExt:ChromePlugin/Ochrana Kaspersky
Akce    :  Vymazat
-----------------------------------------------------------------------
MD5    :  
Stav    :  Zkontrolováno
Objekt    :  http://www.lyoness.net/browser
Vydavatel    :  
Velikost    :  0
Odhalení    :  Hijack:Browser/ChromeStartupUrl
Akce    :  Vymazat
-----------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 23:57:41, on 11.10.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe
C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe
C:\Program Files (x86)\Microsoft Office\Root\Office16\SDXHelper.exe
C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
C:\Users\Kuba\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
O4 - HKLM\..\Run: [Kraken0510Helper] C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe /start
O4 - HKLM\..\Run: [Nero BackItUp] "D:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe" /WinStart
O4 - HKLM\..\Run: [DriveSpan] D:\Program Files (x86)\Nero\Transfer\Transfer.exe
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SP_WSPCHK] "C:\Program Files\Common Files\SOFTPRO\Shared\SP_WspInit.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [LGHUB] "C:\Program Files\LGHUB\lghub.exe" --background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Users\Kuba\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe" --startup_mode
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Kuba\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe --startup_mode (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Startup: MEGAsync.lnk = C:\ProgramData\MEGAsync\MEGAsync.exe
O4 - Global Startup: GameFirstIVstart.lnk = C:\Program Files (x86)\ASUS\GameFirst IV\startGameFirstIV.bat
O4 - Global Startup: GV LicenseManager.lnk = C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe
O4 - Global Startup: TREZOR Bridge.lnk = C:\Program Files (x86)\TREZOR Bridge\trezord.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} (CryptSignX Control) - https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3176eab8-04b0-44b1-b910-8576b6d61c98}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\AsusFanControlService.exe
O23 - Service: Kaspersky Anti-Virus Service 21.3 (AVP21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_9febe - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GalaxyClientService - GOG.com - D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Grass Valley Download Agent Service (GVDownloadAgentService) - Grass Valley K.K. - C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 21.3 (klvssbridge64_21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe
O23 - Service: Kaspersky VPN Secure Connection Service 5.2 (KSDE5.2) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
O23 - Service: LGHUB Updater Service (LGHUBUpdaterService) - Logitech, Inc. - C:\Program Files\LGHUB\lghub_updater.exe
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\LightingService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: Nero BackItUp Background Service 2021 (NeroBackItUpBackgroundService2021) - Nero AG - D:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nordvpn-service - TEFINCOM S.A. - C:\Program Files\NordVPN\nordvpn-service.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Razer Chroma SDK Server - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
O23 - Service: Razer Chroma SDK Service - Razer Inc. - C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem15.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Zoom Sharing Service (ZoomCptService) - Zoom Video Communications, Inc. - C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe

--
End of file - 16514 bytes

jaro3
Security team member
Guru Level 15
Posts: 41866
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Strange behavior

Post by jaro3 » 12 Oct 2021 00:35

Download Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/

Leave the field that says:
All unused RAM
as it is.
- Click Start and let it run for at least 2 hours; if it still shows 0 errors after 2 hours, the RAM is fine.
With larger RAM capacities, Memtest has to be started several times: for 2 GB (the largest single RAM capacity) 2x, for 4 GB 3x, for 8 GB 4x, and so on.
Double-click Memtest, then again and again, type 2048 into the field of every Memtest instance, then click "Start" in all of them.

Turn off your antivirus and firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behavior

Post by zik9 » 12 Oct 2021 23:32

I'll add the Memtest results later. I plan to run it in the morning once I leave the PC; it will run for about 4 hours. Is that OK?
And before it starts, it says to launch the app as many times as the CPU has cores. So which is it? :D

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Ran by Kuba (administrator) on DESKTOP-SHIJOM1 (12-10-2021 23:24:31)
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apex Titan Technology Corp. -> Apextitan) C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe
(ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\AsusFanControlService.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\LightingService\LightingService.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe
(ASUSTeK COMPUTER INC.) [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3Svc64.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(FinalWire Kft. -> FinalWire Ltd.) C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe <7>
(Grass Valley K.K. -> Grass Valley K.K.) C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) [File not signed] C:\Windows\System32\IPROSetMonitor.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> ) C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Nero AG -> Nero AG) D:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe <2>
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2019-07-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Sonic Studio 3] => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [File not signed]
HKLM\...\Run: [FWS_FlawlessWidescreen] => C:\Program Files (x86)\Flawless Widescreen\FlawlessWidescreen.exe [2607104 2014-05-30] (Flawless Widescreen) [File not signed]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [601784 2020-05-13] (Razer USA Ltd. -> Razer Inc.)
HKLM-x32\...\Run: [Kraken0510Helper] => C:\Program Files (x86)\Razer\Razer_Kraken0510_Driver\Drivers\SysAudio\Kraken0510Helper.exe [1599432 2016-09-08] (Razer USA Ltd. -> Razer Inc)
HKLM-x32\...\Run: [Nero BackItUp] => D:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\BackItUp.exe [1156376 2019-11-07] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [DriveSpan] => D:\Program Files (x86)\Nero\Transfer\Transfer.exe [138520 2019-06-24] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2015-01-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [SP_WSPCHK] => C:\Program Files\Common Files\SOFTPRO\Shared\SP_WspInit.exe [122216 2014-08-06] (SOFTPRO GmbH -> SOFTPRO GmbH)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114017640 2021-08-10] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [136443296 2021-10-01] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Kuba\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [814752 2021-10-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Run: [Opera Browser Assistant] => C:\Users\Kuba\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-05] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928955-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928afb-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f04-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f36-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\Windows\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GameFirstIVstart.lnk [2019-10-21]
ShortcutTarget: GameFirstIVstart.lnk -> C:\Program Files (x86)\ASUS\GameFirst IV\startGameFirstIV.bat () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GV LicenseManager.lnk [2021-02-06]
ShortcutTarget: GV LicenseManager.lnk -> C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe (Grass Valley K.K. -> Grass Valley K.K.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2021-02-18]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
Startup: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-08-11]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08D134E8-023C-4B6A-989C-9594A7BD5CB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {090C846C-82B7-4CFA-8DBD-0270A9DF60CB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {0F6C14F7-C0A0-40BA-BF69-594CFF4A7C00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {12E9A714-DDE3-46D6-8F15-D1147B813471} - System32\Tasks\SS3svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\x64\SS3svc64.exe [811520 2019-10-30] (ASUSTeK COMPUTER INC.) [File not signed]
Task: {14290BF6-1629-4597-ABC1-59FC4680094D} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe [12517272 2020-04-06] (FinalWire Kft. -> FinalWire Ltd.)
Task: {19D3D038-F45C-459A-B19F-FE0D6D23BE47} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AFB27A0-BA5A-461D-8521-B5A837AC1410} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B37A594-AA2E-4A3F-A319-028B73687E96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {1C690880-2B90-4856-A486-67C73346CA1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {216082E3-C6C6-4D12-AAF5-459461414D46} - System32\Tasks\SS3Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\SS3Svc32.exe [1234432 2019-10-30] (ASUSTeK COMPUTER INC.) [File not signed]
Task: {2295F753-D786-40A4-A380-CDA1B607378D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2166569075-3562328185-4131405611-1002 => C:\Users\Kuba\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {29807174-E7E5-40B8-A2F7-302E6879228C} - System32\Tasks\Opera scheduled assistant Autoupdate 1605199730 => C:\Users\Kuba\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Kuba\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {316172C5-FE7A-4A7E-989F-F7AD07C07A55} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2166569075-3562328185-4131405611-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1820848 2021-07-05] (Mega Limited -> Mega Limited)
Task: {48C0EBDA-0000-4EF7-B1E1-893DCB537A44} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255680 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {571D9E23-2CB3-465A-A1C5-51E44418463C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FD68E7A-B463-4EBD-9A6C-D419BF2A0699} - System32\Tasks\AMDAutoUpdate => C:\Program Files\AMD\AutoUpdate\AMDAutoUpdate.exe [677624 2019-11-21] (Advanced Micro Devices INC. -> )
Task: {6004F695-8A1E-453E-BDAE-E0137ED2531A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68931D70-4EA3-45EA-92B1-391B7877842C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [791608 2021-03-01] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {69723E22-1C25-4946-B91D-72E2FF0DF8F8} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {6D9ED7A1-2730-4DD4-A52F-4F8FED8FE258} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [7071000 2019-11-10] (Nero AG -> Nero AG)
Task: {79BEFDEC-98AD-43DD-ABC2-6759910413E2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255680 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {811DE6B4-22C0-4F4A-82C5-4CC84CD5E235} - System32\Tasks\CCleanerSkipUAC - Kuba => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {84552799-75AD-4FA9-8831-B7F91FD829B2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99559909-C859-45AD-8EFA-B2151F66F1CB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {99E35812-06D6-4AAD-890B-F9A4A1D0ACBF} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2582F15-9A1F-4994-B733-25B186BDDF40} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A4469BD4-0210-4D52-A60A-F5E3873EB2DE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {A88BFC47-EE96-44A9-AFC6-66C4DE11CE6B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0DBABCA-71C3-4FAA-80E0-3840013FE764} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D7107DE1-B0B8-4150-93C9-477D7F83B3BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {DA72B6E5-CC23-4110-8FB0-37678A7D4A9F} - System32\Tasks\Opera scheduled Autoupdate 1605199728 => C:\Users\Kuba\AppData\Local\Programs\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {F511E663-3B8B-4DB5-B923-B97E1A8D0B04} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F8FD0892-42F4-4B81-B27E-52AEC8F58A61} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F920CCC3-0F68-482C-ABC8-82B67A462529} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{1fb1b402-3103-474e-a755-4c69756ec098}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{3176eab8-04b0-44b1-b910-8576b6d61c98}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5ed40f91-3db1-48bc-91f1-e5f6d765ae2d}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8
Tcpip\..\Interfaces\{6c501004-d442-40d6-83c7-663aa6efb416}: [DhcpNameServer] 10.255.255.10 10.255.255.20 8.8.8.8

Edge:
=======
DownloadDir: C:\Users\Kuba\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: imqion2g.default
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\imqion2g.default [2020-08-15]
FF ProfilePath: C:\Users\Kuba\AppData\Roaming\Mozilla\Firefox\Profiles\5cjkuezs.default-release [2021-10-11]
FF Homepage: Mozilla\Firefox\Profiles\5cjkuezs.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\5cjkuezs.default-release -> about:newtab
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-02-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-02-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default [2021-10-12]
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxp://google.cz/","hxxp://www.lyoness.net/browser"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2021-10-11]
CHR Extension: (Prezentace) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-11]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-12]
CHR Extension: (BetterTTV) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-10-11]
CHR Extension: (Dokumenty) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-11]
CHR Extension: (Disk Google) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-11]
CHR Extension: (YouTube) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-11]
CHR Extension: (Steam Inventory Helper) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2021-10-11]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2021-10-11]
CHR Extension: (Mailto: for Gmail™) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkkmcknielgdhebimdnfahpipajcpjn [2021-10-11]
CHR Extension: (Tabulky) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-11]
CHR Extension: (Rizikové weby) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\iddkbojnnljflgkjchlpjlhpfhhbeefk [2021-10-12]
CHR Extension: (View image) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcmhcelnjdmblfmjabdeclccemkghjk [2021-10-11]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-10-11]
CHR Extension: (Video DownloadHelper) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2021-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-11]
CHR Extension: (Gmail) - C:\Users\Kuba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-11]
CHR HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/deta ... fdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-06-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.31\aaHMSvc.exe [975832 2017-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] (ASUSTeK Computer Inc. -> ) [File not signed]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\AsusFanControlService.exe [1847256 2017-06-23] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8895512 2021-02-05] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2021-01-21] (FUTUREMARK INC -> Futuremark)
S3 GalaxyClientService; D:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1955680 2021-09-15] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6484832 2021-09-15] (GOG Sp. z o.o. -> GOG.com)
R2 GVDownloadAgentService; C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe [68536 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2020-12-05] (Huawei Technologies Co., Ltd. -> )
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 Intel(R) PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [506368 2017-10-26] (Intel Corporation) [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-22] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10831776 2021-10-01] (Logitech Inc -> Logitech, Inc.)
R2 LightingService; C:\Program Files (x86)\LightingService\LightingService.exe [2109376 2019-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7801016 2021-10-10] (Malwarebytes Inc -> Malwarebytes)
R2 NeroBackItUpBackgroundService2021; D:\Program Files (x86)\Nero\Nero 2020\Nero BackItUp\NBService.exe [287000 2019-11-07] (Nero AG -> Nero AG)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-06-07] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2557144 2021-10-05] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3475680 2021-10-05] (Electronic Arts, Inc. -> Electronic Arts)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [447080 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943240 2019-07-24] (Razer USA Ltd. -> Razer Inc.)
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14199640 2021-10-07] (ADLICE (ASCOET JULIEN) -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1848624 2021-07-23] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13261608 2021-05-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\Kuba\AppData\Roaming\Zoom"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [68592 2020-04-06] (FinalWire Kft. -> )
R3 AmdTools64; C:\WINDOWS\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2021-10-11] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2017-03-14] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-06-21] (ASUSTeK Computer Inc. -> )
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [140280 2020-06-01] (ADAPP SASU -> Dokan Project)
R1 EneTechIo; C:\WINDOWS\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-10-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32600 2021-03-03] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R1 GLCKIO2; C:\Windows\system32\drivers\GLCKIO2.sys [29368 2019-04-24] (ASUSTeK Computer Inc. -> )
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [674104 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1469240 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [273176 2021-08-11] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [265176 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [315032 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [113952 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [225648 2021-10-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2019-10-17] (SZ DJI Technology Co., Ltd. -> http://libusb-win32.sourceforge.net)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-03-20] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-03-20] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-03-20] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-10-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [193448 2021-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2021-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [17424 2021-03-03] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-22] (TEFINCOM S.A. -> )
R1 netfilter2; C:\WINDOWS\System32\drivers\netfilter2.sys [79504 2016-09-18] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-04-28] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-01-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [37960 2021-09-30] (WireGuard LLC -> WireGuard LLC)
S2 AMDRyzenMasterDriverV15; \??\C:\Program Files\AMD\RyzenMaster\bin\AMDRyzenMasterDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Last edited by zik9 on 12 Oct 2021 23:40, edited 2 times in total.
Fractal Design Define S2 white // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behaviour

Post by zik9 » 12 Oct 2021 23:33

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-12 23:24 - 2021-10-12 23:24 - 000041738 _____ C:\Users\Kuba\Desktop\FRST.txt
2021-10-12 23:24 - 2021-10-12 23:24 - 000000000 ____D C:\FRST
2021-10-12 23:23 - 2021-10-12 23:23 - 002310656 _____ (Farbar) C:\Users\Kuba\Desktop\FRST64.exe
2021-10-12 15:53 - 2021-10-12 23:21 - 000000000 ____D C:\Users\Kuba\Desktop\Bozďa
2021-10-12 15:51 - 2021-10-12 15:51 - 000000000 ____D C:\Users\Kuba\AppData\LocalLow\IGDump
2021-10-12 14:25 - 2021-10-12 14:25 - 000016687 _____ C:\Users\Kuba\Downloads\Bolt daňový přehled - 2021M09.pdf
2021-10-12 14:15 - 2021-10-12 14:15 - 000137022 _____ C:\Users\Kuba\Downloads\priloha_944153051_0_1_6341_2081_817910 (1).pdf
2021-10-12 14:15 - 2021-10-12 14:15 - 000068008 _____ C:\Users\Kuba\Downloads\priloha_929424889_0_00400996_dph_1021_2101454162.pdf
2021-10-12 13:23 - 2021-10-12 13:23 - 000000000 ____D C:\Users\Kuba\AppData\Local\PeerDistRepub
2021-10-12 12:42 - 2021-10-12 12:42 - 014650639 _____ C:\Users\Kuba\Downloads\1.12.3.1 (1).rar
2021-10-12 12:33 - 2021-10-12 12:33 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-10-12 12:33 - 2021-10-12 12:33 - 000193448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-10-12 12:33 - 2021-10-12 12:33 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-10-12 12:33 - 2021-10-12 12:33 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-10-12 00:35 - 2021-10-12 00:35 - 013339896 _____ C:\Users\Kuba\Downloads\trim.01F1EB01-8BA3-4958-8ACD-03638CA6BF6E.mov
2021-10-11 23:52 - 2021-10-11 23:52 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2021-10-11 23:52 - 2021-10-11 23:52 - 000003556 _____ C:\WINDOWS\system32\Tasks\AMHelper
2021-10-11 23:52 - 2021-10-11 23:52 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2021-10-11 23:52 - 2021-10-11 23:52 - 000000000 ____D C:\Users\Kuba\AppData\Local\Zemana
2021-10-11 23:52 - 2021-10-11 23:52 - 000000000 ____D C:\Users\Kuba\AppData\Local\AMSDK
2021-10-11 23:52 - 2021-10-11 23:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2021-10-11 23:52 - 2021-10-11 23:52 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-10-11 23:29 - 2021-10-12 23:21 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\LGHUB
2021-10-11 23:28 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-10-11 23:22 - 2021-10-11 23:29 - 000000000 ____D C:\zoek
2021-10-11 23:04 - 2021-10-11 23:24 - 000000000 ____D C:\zoek_backup
2021-10-11 23:04 - 2020-09-07 00:04 - 002038755 _____ C:\Users\Kuba\Desktop\zoek.exe
2021-10-11 23:03 - 2021-10-11 23:03 - 001800862 _____ C:\Users\Kuba\Downloads\zoek1.rar
2021-10-11 21:27 - 2021-10-11 21:27 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Kuba
2021-10-11 13:19 - 2021-10-11 13:19 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2021-10-11 13:19 - 2021-10-11 13:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2021-10-11 13:18 - 2021-10-11 13:26 - 000000000 ____D C:\ProgramData\RogueKiller
2021-10-11 13:18 - 2021-10-11 13:19 - 000000000 ____D C:\Program Files\RogueKiller
2021-10-11 03:39 - 2021-10-11 03:39 - 000000000 ____D C:\ProgramData\Sophos
2021-10-11 03:38 - 2021-10-11 03:38 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2021-10-11 03:38 - 2021-10-11 03:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2021-10-11 03:38 - 2021-10-11 03:38 - 000000000 ____D C:\Program Files (x86)\Sophos
2021-10-11 03:34 - 2021-10-11 03:34 - 001790024 _____ (Malwarebytes) C:\Users\Kuba\Desktop\JRT.exe
2021-10-11 03:34 - 2021-10-11 03:34 - 001084416 _____ () C:\Users\Kuba\Desktop\Solo Public Session by KR1SP_[unknowncheats.me]_.exe
2021-10-10 20:35 - 2021-10-10 20:35 - 000022912 _____ C:\Users\Kuba\Desktop\Desktop.rar
2021-10-10 19:24 - 2021-10-10 19:24 - 000001828 _____ C:\Users\Kuba\Desktop\CrystalDiskInfo.lnk
2021-10-10 19:24 - 2021-10-10 19:24 - 000000000 ____D C:\Users\Kuba\AppData\Local\Adobe
2021-10-10 19:24 - 2021-10-10 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-10-10 19:24 - 2021-10-10 19:24 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-10-10 19:19 - 2021-10-10 19:19 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-10-10 19:19 - 2021-10-10 19:19 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-10-10 19:19 - 2021-10-10 19:19 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-10-10 19:19 - 2021-10-10 19:19 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-10 19:19 - 2021-10-10 19:19 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-10 19:19 - 2021-10-10 19:19 - 000000000 ____D C:\Users\Kuba\AppData\Local\mbam
2021-10-10 19:19 - 2021-10-10 19:19 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-10 19:18 - 2021-10-10 19:18 - 002101944 _____ (Malwarebytes) C:\Users\Kuba\Downloads\MBSetup-19901.19901-consumer.exe
2021-10-10 19:18 - 2021-10-10 19:18 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-10 19:14 - 2021-10-10 19:17 - 000000000 ____D C:\AdwCleaner
2021-10-10 19:13 - 2021-10-10 19:13 - 008553680 _____ (Malwarebytes) C:\Users\Kuba\Desktop\AdwCleaner.exe
2021-10-10 19:09 - 2021-10-10 19:09 - 000448512 _____ (OldTimer Tools) C:\Users\Kuba\Desktop\TFC.exe
2021-10-10 19:06 - 2021-10-10 19:06 - 000050688 _____ (Atribune.org) C:\Users\Kuba\Desktop\ATF-Cleaner.exe
2021-10-09 17:47 - 2021-10-09 17:47 - 000388608 _____ (Trend Micro Inc.) C:\Users\Kuba\Desktop\HijackThis.exe
2021-10-06 14:00 - 2021-10-06 14:00 - 000457524 _____ C:\Users\Kuba\Downloads\Těžba 2021.pptx
2021-10-06 13:58 - 2021-10-06 13:58 - 000424746 _____ C:\Users\Kuba\Downloads\Brochure-EG-RPET (1).pdf
2021-10-06 13:58 - 2021-10-06 13:58 - 000273289 _____ C:\Users\Kuba\Downloads\EpitychiaGroup_investice.pdf
2021-10-06 13:56 - 2021-10-06 13:56 - 000120855 _____ C:\Users\Kuba\Downloads\VZOR Smlouva o zápůjčce se směnkou 0,67 p.m.- Wolf Trade.pdf
2021-10-06 13:56 - 2021-10-06 13:56 - 000016633 _____ C:\Users\Kuba\Downloads\Účetní uzávěřka 2020_Wolf trade.pdf
2021-10-06 03:38 - 2021-10-06 03:38 - 014650378 _____ C:\Users\Kuba\Downloads\1.12.3.1.rar
2021-10-06 03:27 - 2021-10-06 03:27 - 001688637 _____ C:\Users\Kuba\Downloads\video0.mov
2021-10-05 18:27 - 2021-10-05 18:28 - 000000000 ____D C:\Users\Kuba\Desktop\CookedPCConsole
2021-10-05 17:32 - 2021-10-05 17:32 - 000036352 _____ C:\Users\Kuba\Downloads\personalizace-tabulka.xls
2021-10-05 17:25 - 2021-10-05 17:25 - 000010617 _____ C:\Users\Kuba\Downloads\j_horak.xlsx
2021-10-05 16:12 - 2021-10-05 16:12 - 000039911 _____ C:\Users\Kuba\Downloads\[SkT]Mass_Effect_1_Legendary_Edition_-_Cestina.torrent
2021-10-05 15:16 - 2021-10-05 15:16 - 000196951 _____ C:\Users\Kuba\Downloads\SCAN0003.PDF.pdf (1).pdf
2021-10-05 15:16 - 2021-10-05 15:16 - 000163754 _____ C:\Users\Kuba\Downloads\Záznam škodní události - úraz.pdf.pdf
2021-10-05 15:15 - 2021-10-05 15:15 - 000353993 _____ C:\Users\Kuba\Downloads\Vyjádření ke škodní události.pdf.pdf
2021-10-05 15:13 - 2021-10-05 15:13 - 000213241 _____ C:\Users\Kuba\Downloads\Osobní dotazník (Ladislav Sedláček).pdf.pdf
2021-10-05 15:12 - 2021-10-05 15:12 - 000196951 _____ C:\Users\Kuba\Downloads\SCAN0003.PDF.pdf.pdf
2021-10-05 13:58 - 2021-10-05 13:58 - 000279149 _____ C:\Users\Kuba\Downloads\Poplatky.pdf
2021-10-05 13:32 - 2021-10-10 19:10 - 000000000 ____D C:\Users\Kuba\Desktop\Míša
2021-10-05 13:21 - 2021-10-05 13:21 - 000230508 _____ C:\Users\Kuba\Downloads\Osobní dotazník (Michaela Nováková).pdf.pdf
2021-10-05 12:22 - 2021-10-05 12:23 - 000000000 ____D C:\Users\Kuba\Desktop\CS v XML
2021-10-05 01:27 - 2021-10-05 01:27 - 000000000 ____D C:\Users\Kuba\AppData\Local\MassEffectModder
2021-10-04 01:38 - 2021-10-04 01:38 - 002189621 _____ C:\Users\Kuba\Desktop\1.7z
2021-10-03 23:16 - 2021-09-15 14:20 - 000000000 ____D C:\Users\Kuba\Desktop\MELE
2021-10-03 23:13 - 2021-10-03 23:13 - 050824007 _____ C:\Users\Kuba\Desktop\MELE.rar
2021-10-03 20:52 - 2021-10-03 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2021-10-03 20:52 - 2021-10-03 20:52 - 000000000 ____D C:\Program Files\LGHUB
2021-10-01 22:32 - 2021-10-01 22:32 - 137147147 _____ C:\Users\Kuba\Downloads\Mass effect.exe
2021-10-01 21:53 - 2021-10-01 21:53 - 000001390 _____ C:\Users\Kuba\Desktop\ME3TweaksModManager.lnk
2021-10-01 20:43 - 2021-10-01 20:44 - 000000000 ____D C:\Program Files (x86)\Flawless Widescreen
2021-10-01 20:43 - 2021-10-01 20:43 - 000001207 _____ C:\Users\Public\Desktop\Flawless Widescreen.lnk
2021-10-01 20:43 - 2021-10-01 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flawless Widescreen
2021-10-01 20:42 - 2021-10-01 20:42 - 001315331 _____ (Flawless Widescreen ) C:\Users\Kuba\Downloads\fws_setup_x64.exe
2021-09-30 17:48 - 2021-09-30 17:48 - 000021732 _____ C:\Users\Kuba\Downloads\Statistika_prijemcu_leadu_1.7.2020-30.6.2021.xlsx
2021-09-30 16:48 - 2021-09-30 16:48 - 000125634 _____ C:\Users\Kuba\Downloads\Průvodní dopis pro lékaře - vyžádán výpis ze ZD.pdf (3).pdf
2021-09-29 23:18 - 2021-09-29 23:18 - 098455356 _____ C:\Users\Kuba\Downloads\Alina Nikitina - Liinaliis (Ижевск 1 июня 2002 г.р.).rar
2021-09-29 21:54 - 2021-09-29 21:54 - 005559944 _____ C:\Users\Kuba\Downloads\girlsleaks.pw28.mov
2021-09-29 21:53 - 2021-09-29 21:53 - 005233681 _____ C:\Users\Kuba\Downloads\girlsleaks.pw1 (1).mov
2021-09-29 21:53 - 2021-09-29 21:53 - 005152332 _____ C:\Users\Kuba\Downloads\girlsleaks.pw2 (1).mov
2021-09-29 21:46 - 2021-09-29 21:46 - 008351909 _____ C:\Users\Kuba\Downloads\girlsleaks.pw1.mp4
2021-09-29 21:38 - 2021-09-29 21:38 - 061719613 _____ C:\Users\Kuba\Downloads\girlsleaks.pw5.mov
2021-09-29 21:37 - 2021-09-29 21:37 - 049661192 _____ C:\Users\Kuba\Downloads\girlsleaks.pw1.mov
2021-09-29 21:37 - 2021-09-29 21:37 - 041020934 _____ C:\Users\Kuba\Downloads\girlsleaks.pw2.mov
2021-09-29 17:09 - 2021-09-29 17:09 - 000045336 _____ C:\Users\Kuba\Downloads\Kariérový plán VIP (2).pdf
2021-09-29 15:41 - 2021-09-29 15:41 - 000315032 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-09-29 15:40 - 2021-10-01 16:34 - 000225648 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2021-09-29 15:40 - 2021-09-29 15:40 - 000265176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2021-09-29 15:40 - 2021-09-29 15:40 - 000113952 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-09-21 23:59 - 2021-09-21 23:59 - 000145622 _____ C:\Users\Kuba\Downloads\OckovaciCertifikat.pdf
2021-09-21 23:27 - 2021-09-21 23:27 - 000089896 _____ C:\Users\Kuba\Downloads\Výroční dopis k pojistné smlouvě č 3164107416 .pdf
2021-09-21 14:31 - 2021-09-21 14:31 - 000077766 _____ C:\Users\Kuba\Downloads\L5U1464711.pdf
2021-09-21 14:08 - 2021-09-21 14:08 - 000078229 _____ C:\Users\Kuba\Downloads\J9T4825516.pdf
2021-09-21 00:00 - 2021-09-16 05:28 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-09-21 00:00 - 2021-09-16 05:28 - 001858672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-09-21 00:00 - 2021-09-16 05:28 - 001474688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-09-21 00:00 - 2021-09-16 05:28 - 001438832 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-09-21 00:00 - 2021-09-16 05:28 - 001438832 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-09-21 00:00 - 2021-09-16 05:28 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-09-21 00:00 - 2021-09-16 05:28 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-09-21 00:00 - 2021-09-16 05:28 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-09-21 00:00 - 2021-09-16 05:28 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-09-21 00:00 - 2021-09-16 05:28 - 000951920 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 001171064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 000716920 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 000676472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 000645240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 000577144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-09-21 00:00 - 2021-09-16 05:25 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-09-21 00:00 - 2021-09-16 05:24 - 002112120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-09-21 00:00 - 2021-09-16 05:24 - 001595512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-09-21 00:00 - 2021-09-16 05:24 - 000919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-09-21 00:00 - 2021-09-16 05:24 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-09-21 00:00 - 2021-09-16 05:24 - 000706168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-09-21 00:00 - 2021-09-16 05:23 - 005681280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-09-21 00:00 - 2021-09-14 05:39 - 000083133 _____ C:\WINDOWS\system32\nvinfo.pb
2021-09-20 23:59 - 2021-09-16 05:24 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-09-20 23:59 - 2021-09-16 05:24 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-09-20 23:59 - 2021-09-16 05:23 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-09-20 23:59 - 2021-09-16 05:23 - 004987512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-09-20 23:59 - 2021-09-16 05:23 - 002925688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-09-20 23:59 - 2021-09-16 05:23 - 000849016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-09-20 23:45 - 2021-09-20 23:45 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-20 23:45 - 2021-09-20 23:45 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-20 23:45 - 2021-09-20 23:45 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-20 23:45 - 2021-09-20 23:45 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-20 23:45 - 2021-09-09 10:29 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-09-19 17:55 - 2021-09-19 17:55 - 000059621 _____ C:\Users\Kuba\Downloads\19_09_2021.pdf
2021-09-17 19:23 - 2021-09-20 01:30 - 000049897 _____ C:\Users\Kuba\Desktop\Startup_INT - GlobalTlk_tlk_M.xlsx
2021-09-16 18:23 - 2021-09-16 18:23 - 000012724 _____ C:\Users\Kuba\Downloads\BIDLI - kalkulačka výnosů AKTUÁLNÍ 4 EMISE dle SPLATNOSTÍ_B3Y+B5Y NOVÉ 03_2021.xlsx
2021-09-16 00:51 - 2021-09-16 00:51 - 014646742 _____ C:\Users\Kuba\Downloads\1.12.3-cestina-PCBS.rar
2021-09-15 22:09 - 2021-09-15 22:09 - 000558040 _____ C:\Users\Kuba\Downloads\Smlouva_Amundi_Invest.pdf
2021-09-15 22:09 - 2021-09-15 22:09 - 000550370 _____ C:\Users\Kuba\Downloads\Smlouva_Platforma.pdf
2021-09-15 22:03 - 2021-09-15 22:03 - 000111798 _____ C:\Users\Kuba\Downloads\Ceník_Platforma.pdf
2021-09-15 22:03 - 2021-09-15 22:03 - 000073248 _____ C:\Users\Kuba\Downloads\Ceník_Amundi_platforma.pdf
2021-09-15 21:38 - 2021-09-15 21:38 - 000607793 _____ C:\Users\Kuba\Downloads\2218762940.pdf
2021-09-15 21:00 - 2021-09-15 21:00 - 003500631 _____ C:\Users\Kuba\Downloads\brozura-trigea-2021-web-01.pdf
2021-09-15 21:00 - 2021-09-15 21:00 - 000630224 _____ C:\Users\Kuba\Downloads\statut-trigea-sicav-samospravnost-20210730 (1).pdf
2021-09-15 21:00 - 2021-09-15 21:00 - 000384861 _____ C:\Users\Kuba\Downloads\trigea-letak-a5-2021-03.pdf
2021-09-15 20:38 - 2021-09-15 20:38 - 000630224 _____ C:\Users\Kuba\Downloads\statut-trigea-sicav-samospravnost-20210730.pdf
2021-09-15 16:25 - 2021-09-15 16:25 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-15 16:25 - 2021-09-15 16:25 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-15 16:25 - 2021-09-15 16:25 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-15 16:25 - 2021-09-15 16:25 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-15 16:25 - 2021-09-15 16:25 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-15 16:25 - 2021-09-15 16:25 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-15 16:25 - 2021-09-15 16:25 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-15 16:25 - 2021-09-15 16:25 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-15 16:25 - 2021-09-15 16:25 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-15 16:25 - 2021-09-15 16:25 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-15 16:25 - 2021-09-15 16:25 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-15 16:25 - 2021-09-15 16:25 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-15 16:25 - 2021-09-15 16:25 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-15 16:25 - 2021-09-15 16:25 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-15 16:25 - 2021-09-15 16:25 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-15 16:25 - 2021-09-15 16:25 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-15 16:21 - 2021-09-15 16:21 - 000000000 ___HD C:\$WinREAgent
2021-09-15 12:25 - 2021-09-15 12:27 - 002539117 _____ C:\Users\Kuba\Documents\IMG_20210915_0001.pdf
2021-09-15 09:37 - 2021-09-15 09:37 - 000000000 ____D C:\Users\Kuba\Documents\ME3TweaksModManager
2021-09-15 09:37 - 2021-09-15 09:37 - 000000000 ____D C:\Users\Kuba\AppData\Local\LegendaryExplorer
2021-09-15 09:36 - 2021-09-15 09:36 - 063752760 _____ (ME3Tweaks) C:\Users\Kuba\Downloads\ME3Tweaks Mod Manager - 7.0.4 (Build 122)-2-7-0-4-122-1630252017.exe
2021-09-15 09:24 - 2021-09-15 09:24 - 000297064 _____ C:\Users\Kuba\Downloads\CEDOK-rezervace-3360531 (1).pdf
2021-09-15 09:24 - 2021-09-15 09:24 - 000244148 _____ C:\Users\Kuba\Downloads\CEDOK-before_departure-3360531 (1).pdf
2021-09-15 09:02 - 2021-09-15 09:02 - 033408499 _____ C:\Users\Kuba\Downloads\Legendary Explorer - 6.0-1-6-0-0-3468-1627573682 (1).7z
2021-09-15 03:04 - 2021-09-15 03:04 - 000513105 _____ C:\Users\Kuba\Downloads\elektronicke-pristroje-a-baterie.pdf
2021-09-15 02:55 - 2021-09-15 02:55 - 000244148 _____ C:\Users\Kuba\Downloads\CEDOK-before_departure-3360531.pdf
2021-09-15 02:54 - 2021-09-15 02:54 - 000297067 _____ C:\Users\Kuba\Downloads\CEDOK-rezervace-3360531.pdf
2021-09-14 20:40 - 2021-09-14 20:40 - 000055500 _____ C:\Users\Kuba\Downloads\i30 N Fastback (1).pdf
2021-09-14 18:49 - 2021-09-14 18:49 - 001408707 _____ C:\Users\Kuba\Downloads\Pravidelná investice pokyn k nákupu pro FO PO a FOP.pdf
2021-09-14 18:49 - 2021-09-14 18:49 - 001330940 _____ C:\Users\Kuba\Downloads\Jednorázová investice pokyn k nákupu a prodeji pro Fyzickou osobu, Právnickou osobu a podnikatele.pdf
2021-09-14 18:49 - 2021-09-14 18:49 - 001330940 _____ C:\Users\Kuba\Downloads\Jednorázová investice pokyn k nákupu a prodeji pro FO, PO a FOP.pdf
2021-09-14 18:49 - 2021-09-14 18:49 - 000044942 _____ C:\Users\Kuba\Downloads\Platební instrukce.pdf
2021-09-14 13:17 - 2021-09-14 13:17 - 001344786 _____ C:\Users\Kuba\Documents\nehoda.pdf
2021-09-14 13:13 - 2021-09-14 13:15 - 004803389 _____ C:\Users\Kuba\Documents\VTP.pdf
2021-09-13 23:57 - 2021-09-13 23:57 - 000138707 _____ C:\Users\Kuba\Desktop\wspdf790235846099051122hlasenka.pdf
2021-09-13 23:55 - 2021-09-13 23:55 - 000138707 _____ C:\Users\Kuba\Downloads\wspdf790235846099051122hlasenka.pdf
2021-09-13 17:45 - 2021-09-13 17:45 - 000109206 _____ C:\Users\Kuba\Downloads\Ucastnicke_fondy_CPS.pdf
2021-09-12 17:41 - 2021-09-12 17:41 - 000081426 _____ C:\Users\Kuba\Downloads\02000000C39DA20A0199A4AE06F54BDBF70B465D374EF933341E3238DA9AD4AA238506C7628AA037FAE96A767B09EE493778E3A6.pdf.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-12 23:24 - 2020-02-24 20:55 - 001012543 _____ C:\WINDOWS\ZAM.krnl.trace
2021-10-12 23:23 - 2019-10-10 01:34 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-12 23:22 - 2019-10-10 00:46 - 000000000 ____D C:\ProgramData\NVIDIA
2021-10-12 23:21 - 2019-10-10 01:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-12 23:20 - 2021-09-03 15:55 - 000000000 ____D C:\Users\Kuba\AppData\Local\LGHUB
2021-10-12 23:20 - 2019-10-10 02:24 - 000000000 ____D C:\Program Files\CCleaner
2021-10-12 16:01 - 2021-04-21 15:10 - 000003140 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2021-10-12 15:53 - 2021-02-01 01:44 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Origin
2021-10-12 15:53 - 2019-10-10 03:55 - 000000000 ____D C:\ProgramData\Origin
2021-10-12 15:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-12 14:54 - 2021-02-01 01:44 - 000000000 ____D C:\Users\Kuba\AppData\Local\Origin
2021-10-12 13:24 - 2020-11-05 22:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-12 12:40 - 2020-11-05 22:42 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-12 12:40 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-12 12:40 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-12 12:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-12 12:39 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-12 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-12 12:34 - 2019-10-10 02:11 - 000011466 _____ C:\CosairDram.txt
2021-10-12 12:33 - 2020-11-05 22:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-12 12:33 - 2020-11-05 22:32 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-12 12:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-10-12 12:33 - 2019-10-10 03:39 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-10-12 03:02 - 2021-09-10 23:27 - 000000000 ____D C:\ProgramData\ME3TweaksModManager
2021-10-11 23:51 - 2019-10-10 02:59 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-10-11 23:24 - 2020-11-05 20:15 - 000000000 ____D C:\Users\Kuba
2021-10-11 23:04 - 2021-02-16 19:43 - 000000000 ____D C:\Users\Kuba\AppData\Local\CrashDumps
2021-10-11 22:44 - 2019-10-10 00:43 - 000000000 ____D C:\Users\Kuba\AppData\Local\Packages
2021-10-11 21:27 - 2020-11-05 22:37 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-11 21:12 - 2019-10-15 21:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-11 14:43 - 2021-07-31 20:12 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Telegram Desktop
2021-10-10 19:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-10 18:06 - 2020-11-05 22:37 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 18:06 - 2020-11-05 22:37 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 19:05 - 2021-07-31 20:27 - 000000000 ____D C:\Users\Kuba\Downloads\Telegram Desktop
2021-10-09 19:05 - 2019-10-14 16:52 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\vlc
2021-10-08 18:11 - 2021-06-24 20:57 - 000001344 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-08 18:11 - 2021-06-24 20:57 - 000000000 ____D C:\Users\Kuba\AppData\Local\PCHealthCheck
2021-10-08 03:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-07 03:19 - 2019-10-10 01:35 - 000000000 ____D C:\Users\Kuba\AppData\Local\D3DSCache
2021-10-07 01:47 - 2021-04-28 19:46 - 000000000 ____D C:\ProgramData\Zoner
2021-10-06 21:17 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-05 22:34 - 2019-10-10 01:48 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\uTorrent
2021-10-05 15:27 - 2020-11-12 18:48 - 000004454 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1605199730
2021-10-05 12:16 - 2020-11-12 18:48 - 000004202 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1605199728
2021-10-05 12:16 - 2020-11-12 18:48 - 000001406 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-05 01:48 - 2021-02-09 11:26 - 000000000 ____D C:\Users\Kuba\Documents\BioWare
2021-10-05 01:42 - 2019-10-10 03:57 - 000000000 ____D C:\Program Files (x86)\Origin
2021-10-04 23:44 - 2020-12-23 00:29 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-10-04 23:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-04 02:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-03 20:02 - 2020-06-04 13:05 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-03 19:58 - 2019-10-14 19:42 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-10-01 20:27 - 2020-05-25 00:40 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-10-01 20:12 - 2019-10-10 01:59 - 000000000 ____D C:\Users\Kuba\AppData\Local\NVIDIA
2021-10-01 19:47 - 2021-04-28 19:46 - 000001562 _____ C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2021-10-01 16:23 - 2020-10-01 13:25 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 02:33 - 2020-11-05 22:37 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 02:33 - 2020-11-05 22:37 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 20:59 - 2020-07-23 00:10 - 000037960 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\wintun.sys
2021-09-20 23:56 - 2019-10-10 01:34 - 000000000 ____D C:\Users\Kuba\AppData\Local\Google
2021-09-20 23:45 - 2021-04-29 17:41 - 000000000 ____D C:\Program Files\Google
2021-09-17 14:59 - 2020-02-01 17:54 - 000000000 __SHD C:\Users\Kuba\wc
2021-09-17 01:10 - 2020-06-12 21:09 - 000000000 ____D C:\Users\Kuba\AppData\Roaming\Notepad++
2021-09-16 05:22 - 2021-03-31 13:33 - 007280840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-09-16 05:21 - 2021-03-31 13:33 - 006216336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-09-16 03:00 - 2020-12-10 19:36 - 000000597 _____ C:\Users\Kuba\Documents\RockstarPlayTimeCache.txt
2021-09-16 00:10 - 2020-11-05 22:37 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-15 20:32 - 2020-12-12 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberpunk 2077 [GOG.com]
2021-09-15 20:27 - 2020-11-05 22:32 - 000446792 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-15 20:26 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-15 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-15 20:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-15 16:20 - 2019-10-11 00:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-15 16:17 - 2019-10-11 00:35 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-15 11:47 - 2020-03-18 21:22 - 000000000 ____D C:\Users\Kuba\Documents\Zoom
2021-09-15 09:37 - 2021-09-10 23:27 - 000000000 ____D C:\Users\Kuba\AppData\Local\ME3Tweaks

==================== Files in the root of some directories ========

2020-03-04 00:36 - 2020-03-04 00:36 - 042886902 _____ () C:\Users\Kuba\AppData\Roaming\gta5_patch.bin
2019-10-13 15:59 - 2019-10-13 16:07 - 002128896 _____ () C:\Users\Kuba\AppData\Local\file__0.localstorage
2021-04-28 20:01 - 2021-04-28 20:01 - 000000900 _____ () C:\Users\Kuba\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Fractal Design Define S2 white // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behavior

Post by zik9 » 12 Oct 2021 23:33

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2021
Ran by Kuba (12-10-2021 23:25:22)
Running from C:\Users\Kuba\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1237 (X64) (2020-11-05 20:37:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2166569075-3562328185-4131405611-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2166569075-3562328185-4131405611-503 - Limited - Disabled)
Guest (S-1-5-21-2166569075-3562328185-4131405611-501 - Limited - Disabled)
Kuba (S-1-5-21-2166569075-3562328185-4131405611-1001 - Administrator - Enabled) => C:\Users\Kuba
Luděk (S-1-5-21-2166569075-3562328185-4131405611-1002 - Administrator - Enabled) => C:\Users\Luděk
WDAGUtilityAccount (S-1-5-21-2166569075-3562328185-4131405611-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Security Cloud (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Security Cloud (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1394 OHCI Compliant Host Controller (Legacy) (HKLM-x32\...\{B12878BB-DA05-4F25-96E7-E0200428B220}) (Version: 0.0.1 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20095 - Adobe Systems Incorporated)
AIDA64 Extreme v6.25 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.25 - FinalWire Ltd.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{D8561EEF-2B90-4BDB-B197-16E96924E6AA}) (Version: 1.7.29.0115 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 1.7.29.0115 - Advanced Micro Devices, Inc.)
Anakin (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Anakin) (Version: - )
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.49.1 - Asmedia Technology)
ASUS Aac_NBDT HAL (HKLM\...\{01D3B7AA-D078-4506-B460-60877FCDDBD6}) (Version: 2.3.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Aac_NBDT HAL (HKLM-x32\...\{e8758547-b06a-4534-a291-d9062d2a6bf6}) (Version: 2.3.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Display Component (HKLM\...\{AFD1CF98-FE97-434C-A095-9F27C5BEA53C}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Display Component (HKLM-x32\...\{b8af8e27-5c72-412c-bab7-dc6430e70f1b}) (Version: 1.1.23 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA Extension Card HAL (HKLM\...\{2C39FF80-1BB2-42C5-A58D-DC90EFF048F6}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Extension Card HAL (HKLM-x32\...\{e46f527f-1e64-4554-abc1-115f3429c25c}) (Version: 1.0.16 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM\...\{A3C4120D-8096-4307-91A2-FFE37EBD5A3D}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Headset Component (HKLM-x32\...\{7f23d3ea-a821-4293-b7f7-34383bf06437}) (Version: 1.2.4 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM\...\{D800D836-DE15-4B00-8273-521F022CD837}) (Version: 1.0.50 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Motherboard HAL (HKLM-x32\...\{12b6811a-dcdb-43c1-b3e4-80aef31134c5}) (Version: 1.0.50 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM\...\{B5E322FB-C191-463E-BDDD-4F22290EDFDB}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS AURA Odd Component (HKLM-x32\...\{277875e0-972c-4705-b09c-ca5acf5b2f7c}) (Version: 1.0.8 - ASUSTeK COMPUTER INC.) Hidden
ASUS Aura SDK (HKLM\...\{CF8E6E00-9C03-4440-81C0-21FACB921A6B}) (Version: 3.03.38 - ASUSTek COMPUTER INC.) Hidden
ASUS AURA VGA Component (HKLM\...\{71BB96A6-EAC4-45AE-A17D-D3ED43FF1D14}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS AURA VGA Component (HKLM-x32\...\{55c3ae30-56f9-48ea-a96d-1fad2739e1a2}) (Version: 0.0.2.0 - ASUSTek COMPUTER INC. ) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{3507c756-a80f-4b0e-8475-975d8b432176}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS GLCKIO2 Driver (HKLM-x32\...\{5960FD0F-BB3B-49AF-B175-F77DC91E995A}) (Version: 1.0.20 - ASUSTeK Computer Inc.) Hidden
ASUS Keyboard HAL (HKLM\...\{0FA0CDEE-5DC8-421E-A97D-C74FA6E66FC3}) (Version: 1.0.37 - ASUSTek COMPUTER INC.) Hidden
ASUS Keyboard HAL (HKLM-x32\...\{ae71a627-f426-4c18-afc9-b379b0e88f97}) (Version: 1.0.37 - ASUSTek COMPUTER INC.) Hidden
ASUS MB Peripheral Products (HKLM\...\{BFED9861-7D96-4528-89F1-B090ABBF11A7}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS MB Peripheral Products (HKLM-x32\...\{a3a1beb0-9f5b-4b4e-8cfa-ef25842faf55}) (Version: 1.0.30 - ASUSTeK Computer Inc.) Hidden
ASUS Mouse HAL (HKLM\...\{1838F91B-D481-45AA-B92F-071C62D0A19A}) (Version: 1.0.39 - ASUSTek COMPUTER INC.) Hidden
ASUS Mouse HAL (HKLM-x32\...\{d25743f5-a12e-4fa8-a426-6ee9c7b2ef9c}) (Version: 1.0.39 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM\...\{723B40A4-5BF2-4DC6-834A-2ADF75F3CF7E}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
ASUS MousePad HAL (HKLM-x32\...\{3fb92594-5d14-44b6-aa83-5e9823daa7e8}) (Version: 1.0.1.1 - ASUSTek COMPUTER INC.) Hidden
Asus ProductDaemonSetup (HKLM\...\{36606417-B1C4-42C2-B5C1-67972DA63DAB}) (Version: 3.6.4501 - ASUSTeK COMPUTER INC) Hidden
Asus Sonic Radar 3 (HKLM-x32\...\{f302c1fc-67c2-40b1-93c7-266d93310a2d}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC)
Asus Sonic Studio 3 (HKLM-x32\...\{44d9a0cd-0414-49c0-8488-dc0849f46bd1}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC)
Asus SonicRadar3Setup (HKLM\...\{09AE428F-CB54-42C8-8342-D0EC6E4136D0}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC) Hidden
Asus SonicStudio3Setup (HKLM\...\{ACA23ED7-018F-47AE-8C9C-2096E1455DA4}) (Version: 3.6.45.60920 - ASUSTeK COMPUTER INC) Hidden
Audacity 3.0.2 (HKLM-x32\...\Audacity_is1) (Version: 3.0.2 - Audacity Team)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.07.71 - ASUSTeK Computer Inc.)
AURA DRAM Component (HKLM\...\{3881F403-B6B7-4D2F-BDAC-7901EB677F52}) (Version: 1.0.30 - ASUS) Hidden
AURA DRAM Component (HKLM-x32\...\{e6f373bb-3881-463c-bd1a-3c948b067041}) (Version: 1.0.30 - ASUS) Hidden
AURA Service (HKLM-x32\...\{0E536061-3B55-4D45-BF58-0BDA261C94B0}) (Version: 3.03.56 - ASUSTeK Computer Inc.) Hidden
AURA Service (HKLM-x32\...\{fae81274-d8ce-4fcf-a8c8-2c1d949df742}) (Version: 3.03.56 - ASUSTeK Computer Inc.)
Backup and Sync from Google (HKLM\...\{AE7B9534-BD28-4C51-838F-A847C2A206E2}) (Version: 3.57.3958.2866 - Google, Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Control - Čeština (HKLM\...\{34AD213D-1A18-4480-80DC-77C341DCAD70}}_is1) (Version: 1.1 - Necronos)
Corsair AURA DRAM Component (HKLM\...\{376E0869-A4F1-4DC7-A1FD-EBF3AFFEB832}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
Corsair AURA DRAM Component (HKLM-x32\...\{7f2fddab-1f7d-4301-b534-6723e6315fe1}) (Version: 1.0.12 - CORSAIR COMPONENTS INC.) Hidden
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
CryptSignX verze 2.3.21113.0 (HKLM-x32\...\CryptSignX verze 2.3.21113.0) (Version: - )
CrystalDiskInfo 8.12.8 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.12.8 - Crystal Dew World)
Cyberpunk 2077 (HKLM-x32\...\1423049311_is1) (Version: 1.31 - GOG.com)
DJI Assistant 2 For Mavic version V2.0.12.1 (HKLM-x32\...\{6859F742-537E-44EA-AF45-000EC275335F}_is1) (Version: V2.0.12.1 - DJI)
Dokan Library 1.4.0.1000 (x64) (HKLM\...\{65A3A964-3DC3-0104-0000-200601191219}) (Version: 1.4.0.1000 - Dokany Project) Hidden
Dokan Library 1.4.0.1000 Bundle (HKLM-x32\...\{97cfdb6c-2faa-43ba-afbc-469e01845e99}) (Version: 1.4.0.1000 - Dokany Project)
EDIUS (HKLM\...\{E7CCB338-2A54-4F44-947B-958BD847A5D3}) (Version: 7.53 - Grass Valley K.K.)
EDIUS Codec Option 7.53 (HKLM-x32\...\{7E4E5B65-9B8B-4ECE-9C1F-9C96DA0BC620}) (Version: 7.53 - Grass Valley K.K.)
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{de9f7705-d509-49a2-90f2-29a80ff3b785}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_AIC_Marvell_HAL (HKLM-x32\...\{887e18fb-6bc3-4cd4-b34e-32d9ff71bbae}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{52d1d7de-19c3-4f83-97bb-f9435dc84c5b}) (Version: 1.0.0.10 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{0f607f07-7957-4887-9d5e-be8efe9595a9}) (Version: 1.0.8.4 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{bf256b46-8ff7-48be-ab7f-5661e9a0651f}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{33f042cf-0ae3-4241-b8c8-7f544533ea8e}) (Version: 1.0.3.1 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Epic Games Launcher (HKLM-x32\...\{C69A2919-0662-4390-9418-67C931B44C18}) (Version: 1.1.236.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
Flawless Widescreen version 1.0.15 (HKLM-x32\...\{7348D82E-8C68-48FF-BA2D-8C97B5B4B3D8}_is1) (Version: 1.0.15 - Flawless Widescreen)
FormatFactory 4.9.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.9.5.0 - Free Time)
Futuremark SystemInfo (HKLM-x32\...\{03196584-8E63-455A-94AD-A417BB89B74E}) (Version: 5.37.888.0 - Futuremark)
GALAX GAMER RGB (HKLM\...\{06A16AA8-BBA7-4362-962E-16651962D87C}) (Version: 1.00.02 - Galaxy Microsystems Ltd.) Hidden
GALAX GAMER RGB (HKLM-x32\...\{1257fdeb-ffa3-4e17-9d4b-189075ea3656}) (Version: 1.00.02 - Galaxy Microsystems Ltd.)
GameFirst IV (HKLM-x32\...\{370651DD-8ABF-4807-9533-0869FDF79BFA}) (Version: 1.5.31 - ASUSTeK COMPUTER INC.) Hidden
GameFirst IV (HKLM-x32\...\GameFirst IV 1.5.31) (Version: 1.5.31 - ASUSTeK COMPUTER INC.)
GIMP 2.10.24 (HKLM\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 51.0.15.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
GV LicenseManager 2.53 (HKLM-x32\...\{EE256B6B-7F66-409B-9CF2-CE9B64947CBC}) (Version: 2.53 - Grass Valley K.K.)
hide.me Wintun (HKLM\...\{6A3B09CD-8B4A-4A66-9C90-833023E463E9}) (Version: 0.8 - hide.me) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.500 - Huawei Technologies Co., Ltd.)
Intel(R) Network Connections 22.9.16.0 (HKLM\...\PROSetDX) (Version: 22.9.16.0 - Intel)
Java 8 Update 281 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Kaspersky Security Cloud (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Security Cloud (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Kingston AURA DRAM Component (HKLM\...\{6D2D2DAF-BFE4-45A6-BF40-8A9F7FF54F42}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Kingston AURA DRAM Component (HKLM-x32\...\{83d4c398-3b93-4ab0-95f0-6091b0a2f601}) (Version: 1.0.15 - KINGSTON COMPONENTS INC.) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LOADER_753 (HKLM-x32\...\LOADER_753) (Version: LOADER_753 - LOADER_753)
LOADER_753_V4 (HKLM-x32\...\LOADER_753_V4) (Version: 4 - home)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2021.9.7463 - Logitech)
Malwarebytes version 4.4.8.137 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.8.137 - Malwarebytes)
MediaHuman YouTube to MP3 Converter 3.9.9.60 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.60 - MediaHuman)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.38 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.14430.20270 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.9 (x64) (HKLM-x32\...\{70502eec-6d06-46ce-8acb-84c9d5248a12}) (Version: 5.0.9.30315 - Microsoft Corporation)
MiniTool Partition Wizard 12 DEMO (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Software Limited)
MSI Afterburner 4.6.3 (HKLM-x32\...\Afterburner) (Version: 4.6.3 - MSI Co., LTD)
Nero 2020 (HKLM-x32\...\{756D7C0B-8324-4D23-9701-CDF27D1A25B1}) (Version: 22.0.02100 - Nero AG)
Nero Core (HKLM-x32\...\{D8562B54-9F33-413E-B38E-4B273BCE3019}) (Version: 2.0.05700 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 21.0.1007 - Nero AG)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.39.6.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA USBC Driver 1.46.831.832 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_USBC) (Version: 1.46.831.832 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 79.0.4143.72 (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Opera 79.0.4143.72) (Version: 79.0.4143.72 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.105.49133 - Electronic Arts, Inc.)
Partners ANAKIN (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\2ec0ff373b818ceb) (Version: 7.1.0.17 - Partners ANAKIN)
Patriot Viper M2 SSD RGB (HKLM\...\{0886A906-0625-4A43-930D-AA92F6665AF4}) (Version: 1.00.04 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{ebb7013c-0b03-497c-bed1-1e48e806a593}) (Version: 1.00.04 - Patriot Memory)
Patriot Viper RGB (HKLM\...\{E42E13B0-071E-49C1-B1CC-58198E82F302}) (Version: 1.00.06 - Patriot Memory) Hidden
Patriot Viper RGB (HKLM-x32\...\{72d8889e-2136-423e-b16f-aa8db820adad}) (Version: 1.00.06 - Patriot Memory)
PC Building Simulator - Čeština 1.12 (BEZ esports) (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\PC Building Simulator - Čeština 1.12 (BEZ esports)) (Version: - )
PC Building Simulator - Čeština 1.12.1 (BEZ esports) (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\PC Building Simulator - Čeština 1.12.1 (BEZ esports)) (Version: - )
PC Building Simulator - Čeština 1.12.2 (BEZ esports) (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\PC Building Simulator - Čeština 1.12.2 (BEZ esports)) (Version: - )
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1035.0 - Passmark Software)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.24.34 - Razer Inc.)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.4.887.170518 - REALTEK Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0019 - REALTEK Semiconductor Corp.)
Registrace uživatele zařízení Canon MG3600 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3600 series) (Version: - ‭Canon Inc.)
Revo Uninstaller Pro 4.4.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.4.8 - VS Revo Group, Ltd.)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.21.0222.1 - GIGABYTE)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.44.403 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.9 - Rockstar Games)
RogueKiller version 15.1.1.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.1.1.0 - Adlice Software)
Skype verze 8.75 (HKLM-x32\...\Skype_is1) (Version: 8.75 - Skype Technologies S.A.)
SOFTPRO Driver (HKLM\...\{7EE87E94-7412-4723-9D86-ED0951876113}) (Version: 3.1.10 - SOFTPRO GmbH) Hidden
SOFTPRO Driver (HKLM-x32\...\InstallShield_{7EE87E94-7412-4723-9D86-ED0951876113}) (Version: 3.1.10 - SOFTPRO GmbH)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
Spotify (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\Spotify) (Version: 1.1.17.543.geb9254e9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.18.5 - TeamViewer)
Telegram Desktop version 3.1.8 (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.1.8 - Telegram FZ-LLC)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.80.69.1030 - Electronic Arts Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 97.0 - Ubisoft)
VdhCoApp 1.6.1 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Wacom STU Driver (HKLM-x32\...\{28bc24e9-48c1-4d65-bfd8-ee7c5d70c062}) (Version: 5.2.0 - Wacom Co., Ltd.)
Wacom STU Driver (x64) (HKLM\...\{D5FDBD50-C14F-44C5-8BB3-49A3765406C7}) (Version: 5.2.0 - Wacom Co., Ltd.) Hidden
WiFi+Transfer (HKLM-x32\...\{9E363AFB-7AA6-49AF-8911-505761B75DC0}) (Version: 1.0.3078 - Nero AG)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.5.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Zoner Photo Studio X CS (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\ZPS X) (Version: 19.2109.2.346 - ZONER software)
Zoom (HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-28] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-10-01] (NVIDIA Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2021-03-22] (Notepad++ -> )
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll [2019-09-25] (Free Time) [File not signed]
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\ProgramData\MEGAsync\ShellExtX64.dll [2021-07-05] (Mega Limited -> )
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\51.0.15.0\drivefsext.dll [2021-09-09] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_19c79fb6254e3b11\nvshext.dll [2021-09-16] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\shellex.dll [2021-04-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-10-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.CDV5] => C:\Windows\system32\cdv5codc.dll [59320 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CLLC] => C:\Windows\system32\cllccodc.dll [1411512 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CUVC] => C:\Windows\system32\cuvccodc.dll [75192 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVC] => C:\Windows\system32\cdvccodc.dll [66488 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVH] => C:\Windows\system32\cdvhcodc.dll [59320 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CMIC] => C:\Windows\system32\cmiccodc.dll [495032 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CHQX] => C:\Windows\system32\chqxcodc.dll [111544 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.C210] => C:\Windows\system32\c210codc.dll [1418168 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.CDV5] => C:\Windows\SysWOW64\cdv5codc.dll [59320 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CLLC] => C:\Windows\SysWOW64\cllccodc.dll [1828792 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CUVC] => C:\Windows\SysWOW64\cuvccodc.dll [69048 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVC] => C:\Windows\SysWOW64\cdvccodc.dll [65464 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CDVH] => C:\Windows\SysWOW64\cdvhcodc.dll [59320 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CMIC] => C:\Windows\SysWOW64\cmiccodc.dll [604600 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.CHQX] => C:\Windows\SysWOW64\chqxcodc.dll [103864 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)
HKLM\...\Drivers32: [vidc.C210] => C:\Windows\SysWOW64\c210codc.dll [1865656 2016-06-15] (Grass Valley K.K. -> Grass Valley K.K.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Kuba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2021-10-03 20:52 - 2021-10-01 18:04 - 000634880 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2019-10-10 01:10 - 2017-05-05 08:39 - 006065152 ____R () [File not signed] C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.16\libprotobufd.dll
2016-04-22 11:16 - 2016-04-22 11:16 - 000118784 _____ () [File not signed] C:\Program Files (x86)\ASUS\GameFirst IV\nfapi.DLL
2021-02-08 16:24 - 2021-02-08 16:24 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2021-02-08 16:24 - 2021-02-08 16:24 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2021-02-08 16:24 - 2021-02-08 16:24 - 000668160 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2021-02-08 16:24 - 2021-02-08 16:24 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2021-02-08 16:24 - 2021-02-08 16:24 - 000371712 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-10-30 18:17 - 2019-10-30 18:17 - 000368128 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Foundation\NSConfiguratorDaemonModule.dll
2019-10-30 18:30 - 2019-10-30 18:30 - 000230912 _____ () [File not signed] C:\Program Files\ASUSTeKcomputer.Inc\Sonic Suite 3\Sonic Studio 3\ProfileSwitcherDaemonModule.dll
2019-06-19 09:43 - 2019-06-19 09:43 - 000207872 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\AacHal_x86.dll
2018-03-20 14:34 - 2018-03-20 14:34 - 000265728 _____ () [File not signed] C:\Program Files\ENE\Aac_ENE RGB HAL\x86\SB_SMBUS_SDK.dll
2018-09-20 09:39 - 2018-09-20 09:39 - 000156672 _____ () [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\AacHal_x86.dll
2019-03-07 13:48 - 2019-03-07 13:48 - 000156672 _____ () [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\AacHal_x86.dll
2019-05-06 17:07 - 2019-05-06 17:07 - 002831360 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\LightingService\log4cxx.dll
2019-10-10 01:09 - 2017-06-01 16:24 - 000108544 ____R (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AAHM\1.00.31\ASACPI.DLL
2019-10-10 02:12 - 2021-10-12 12:34 - 000043776 _____ (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files (x86)\ASUS\AXSP\4.00.38\PEbiosinterface32.dll
2019-10-14 17:45 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-09-25 18:52 - 2019-09-25 18:52 - 000305152 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_106.dll
2017-10-18 14:23 - 2017-10-18 14:23 - 000349696 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2018-09-20 09:08 - 2018-09-20 09:08 - 000053760 _____ (MS) [File not signed] C:\Program Files\Galaxy\Aac_GALAX GAMER RGB\MsIo32_Galax.dll
2019-03-07 13:35 - 2019-03-07 13:35 - 000053248 _____ (MS) [File not signed] C:\Program Files\Patriot\Aac_Patriot Viper RGB\MsIo32_Patriot.dll
2019-06-28 16:23 - 2019-06-28 16:23 - 000428544 _____ (TODO: <Company name>) [File not signed] C:\Program Files\ASUS\Aac_Keyboard\AacKbHal_x86.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-2166569075-3562328185-4131405611-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\ssv.dll [2021-02-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-02-23] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Fractal Design Define S2 white // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behavior

Post by zik9 » 12 Oct 2021 23:33

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-11-26 02:44 - 2021-10-11 23:07 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\SOFTPRO\Shared;C:\Program Files (x86)\Common Files\SOFTPRO\Shared;C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Users\Kuba\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kuba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: NordVPN LightWeight Firewall -> NordLwf (enabled)
Připojení k místní síti 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TREZOR Bridge.lnk"
HKLM\...\StartupApproved\StartupFolder: => "GV LicenseManager.lnk"
HKLM\...\StartupApproved\Run: => "SP_WSPCHK"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "DriveSpan"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\StartupFolder: => "hide.me VPN.lnk"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8DE71DA2DA81B795B6ABDB72281EA8CB"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_00020AD6DFF5EB12C6A1648CAF1C02D4"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9D35757E-3BC3-437A-ACDF-2EA10DE96F97}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91F01127-F0D3-43C0-AECE-889B174B5686}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2BC11406-C99F-40CD-923C-6B8F3E66332B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{026265EE-1031-42F2-98DD-12CA0449474F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A02F8C22-707A-4735-82D4-37D970408927}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1ED1A653-D467-4C29-B427-8CDC705F9C0C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{36B1D787-7F88-47B0-90B9-7303B9326FC4}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2ADAFDC7-AF21-4254-82FD-7B4FAD05B9AC}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{A85C9AD7-5D7A-4259-8638-FA357FDF096C}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{98D16261-E20B-436E-A17F-EF4F4795FC81}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{A6BBCC42-2526-4E47-8F00-B254438F9A1D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{A9563B74-B6EA-4262-8274-1C8524B0284D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [{29E4471B-716D-456D-AF43-72F394D682EA}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{A88E12F1-E9D7-4065-A08C-E5C879EE3504}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\PC Building Simulator\PCBS.exe () [File not signed]
FirewallRules: [{A0418203-CB1D-48B0-9019-763860C225CC}] => (Allow) D:\Program Files (x86)\Nero\Transfer\Transfer.exe (Nero AG -> Nero AG)
FirewallRules: [{C175A896-6885-48CD-AC91-F3824B2BBFDC}] => (Allow) D:\Program Files (x86)\Nero\Nero 2020\Nero Burning ROM\nero.exe (Nero AG -> Nero AG)
FirewallRules: [{AC4085DD-5764-4860-83FA-91F9F3E1A4D1}] => (Allow) D:\Program Files (x86)\Nero\Nero 2020\Nero MediaHome\MediaHome.exe (Nero AG -> Nero AG)
FirewallRules: [{C6DE8F3A-859D-480E-BD32-038A5C244D74}] => (Allow) D:\Program Files (x86)\Nero\Nero 2020\Nero MediaHome\NMDllHost.exe (Nero AG -> Nero AG)
FirewallRules: [{A9CF038C-8B8C-4A7B-AB49-F8EA755B5E5B}] => (Allow) D:\Program Files (x86)\Nero\Nero 2020\Nero Burning ROM\StartNBR.exe (Nero AG -> Nero AG)
FirewallRules: [{790644AC-D60E-4000-8E6A-572FF02FA989}] => (Block) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe () [File not signed]
FirewallRules: [{9386594B-046E-415C-A70E-E2DDC49AF602}] => (Block) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe () [File not signed]
FirewallRules: [UDP Query User{125FCCBC-D956-43D3-B746-717EF37BA9A1}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe () [File not signed]
FirewallRules: [TCP Query User{E57ED763-780E-4A8C-925A-02D7470EE427}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\visionstarter2.exe () [File not signed]
FirewallRules: [UDP Query User{7A541280-79F2-4299-9D40-F9D9D85BB613}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{AC1B4056-FE88-458C-B082-F2467E093FFD}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{3221E416-A513-4666-AC47-9F4CDF6A2A06}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{CCE5B37A-E081-4AFA-A86E-A61EC700F3CA}D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) D:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [{4AC5214E-F01F-4455-94EA-4F9BBAA7456F}] => (Allow) C:\Users\Kuba\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{94F0EF81-B794-43B5-8BA6-D0861DF51B95}] => (Allow) C:\Users\Kuba\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4563D2D2-AF00-4ED6-9FD6-3C846A817378}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{F3658AFE-06C3-4900-8D11-5DF58D47847A}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{1953CFB7-BF2B-4826-A5FB-1B893B906F28}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{C7BA96E9-1A4B-49C4-A241-C497C7A62CA3}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{6C114104-8070-4DC1-BDE5-CAA06E5F3184}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{79323DA2-7B1F-4702-AAA4-4898DD90C7DE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{31F6EA7F-4231-45FF-BA8B-EBD669B720FB}] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [{658F0CED-305A-4437-87B1-006431C1D9BC}] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [UDP Query User{F41F4720-71F3-4450-BFFF-8871C10BECBF}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [TCP Query User{846FA5B0-5933-4C15-9382-890283F20533}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe (Rockstar Games) [File not signed]
FirewallRules: [{8BA5F019-BE98-4DAA-BD61-FF0C4923B71C}] => (Block) C:\users\kuba\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{48966BC5-875F-4165-8994-1ABCAD0599FC}] => (Block) C:\users\kuba\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AC013597-C92C-41DE-B58C-AC64F00EB28D}C:\users\kuba\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{4D771D21-7151-4247-85BE-A66DDDF60815}C:\users\kuba\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\kuba\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{1C6D905D-F674-4BBA-8C0E-024DF72A01F2}D:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{AA9CD670-00AE-4649-90B7-9DCCD0E9DEDD}D:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{C19A9956-BB4D-4AEF-BC90-AC1BF0E62FFC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{669D4266-9C79-4819-AA2E-9CA6F9C3B0C5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0E73EAD9-42ED-4578-89E8-0D066AE43416}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C95D7E8F-A9E0-4048-A2E4-661FFFB9EF7E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D2E4CF0-4934-429C-9D7B-4417B1113D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F366F59-F267-4491-A1D8-6F14A0FD78CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B8020800-11FB-4778-A6AB-043E619AD9CE}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{812AA974-D0FB-4983-8368-7D6908793371}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{CE58B156-E398-44D4-A760-BD3B6F8352FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{361DC246-80F9-4A0C-9A09-225F3D1EA5F2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{CC853612-7F62-45E1-9021-38877C4CFEBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{A8AADD45-3DFA-41FB-ACD2-5D7584F472C0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [TCP Query User{E71A1417-012F-49FE-BCB0-83D18127E08C}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{5103122E-B0BF-4108-AA8E-89A1EDDB7853}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [{E918BE3F-07A2-4E0E-9665-8603D9CAFAAF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B84A8023-24F3-4D08-8BFD-E12D057BEAC7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{471A4B0A-0ED5-486E-A6C1-BE3D6F2372BD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE819B61-5DA8-43AA-AFF1-D1549E644F48}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22FAB443-2362-4649-AEEB-93744B5BD38F}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{AA9D3AA6-7DAF-4E60-B658-3564D3B64269}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\TellMeWhy\TME-Win64-Shipping.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{4566379C-BEAE-4342-A548-BD5C1BF7FDCB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E81F396E-1136-4988-95ED-77805F24A99E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{535F8E0C-2A04-4195-8E77-515CA8740D6B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A80B500A-8892-4B98-BA03-4864D9AA9065}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3734F967-6E90-4EE0-A06B-4A4BA119892A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5377847A-44E3-4B9F-86A0-19F57A5B8732}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E15480DE-31D0-4155-8672-D0DBD539484E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53C2AD67-AAD0-4D3A-8D28-781F29812610}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA905494-2DC7-421C-AD6F-46E39D4E64B5}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File
FirewallRules: [{05E42051-782C-4B81-B05D-2B96554FB7A0}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File
FirewallRules: [{E2313541-D9C8-4417-A82B-365E4901D072}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CBE9108C-3468-4692-98F0-32EDE99C0662}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{61DC0D54-102A-4555-8568-AF148C7656CE}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{20F62B61-973D-448D-9209-F007F7075178}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{B74F0FE2-361A-4D65-AF52-755D6F2AEB36}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{A37B387C-DF5B-42AB-AC73-9A0DCA93CDC6}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{51E7E815-C833-4B6F-92BC-CA00B4956D54}] => (Allow) C:\Users\Kuba\AppData\Local\Programs\Opera\79.0.4143.50\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{EF772662-B13E-45E4-BCA9-38720026B8D9}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{D7A74330-6DFD-436E-A93D-90112FF839A8}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{30D2FA92-58A2-4AA2-B882-595EF23F50D4}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{E4E5A648-938A-4F5E-BB4B-17C7F908711F}] => (Allow) E:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{5690FD5A-9AA0-49E5-BCCB-3BE5BB00E23F}] => (Allow) C:\Users\Kuba\AppData\Local\Programs\Opera\79.0.4143.72\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{BA7FFBB9-1A82-4A86-AFDE-08DE9E94822A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{98F864D6-D40A-4994-878C-F062BB99B4AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18442D6F-05BF-4C3F-A89D-EC2A03789A5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB0F8249-3EAC-4832-9912-B757E86CE856}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C784975-5D69-4E85-9C44-56E9AB75901E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C15FE2DA-952C-47D6-80A1-209626E025D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

08-10-2021 18:11:28 Installed Windows PC Health Check
11-10-2021 03:35:41 JRT Pre-Junkware Removal
11-10-2021 03:38:48 Installed Sophos Virus Removal Tool.
11-10-2021 13:32:50 Revo Uninstaller Pro's restore point - Popcorn Time
11-10-2021 23:06:45 zoek.exe restore point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/11/2021 11:04:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1202, časové razítko: 0x448a4f5d
Kód výjimky: 0xc0000409
Posun chyby: 0x0012b5b2
ID chybujícího procesu: 0x62d0
Čas spuštění chybující aplikace: 0x01d7bee3959b617a
Cesta k chybující aplikaci: C:\Users\Kuba\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 304652cf-afcb-4169-8fb0-43aaa137bc43
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/11/2021 09:05:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: aida64.exe, verze: 6.25.5400.0, časové razítko: 0x2a425e19
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1202, časové razítko: 0xef8beaeb
Kód výjimky: 0xc0000005
Posun chyby: 0x00087c7a
ID chybujícího procesu: 0x2a44
Čas spuštění chybující aplikace: 0x01d7bed2ef674752
Cesta k chybující aplikaci: C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: f92bbc46-10e6-42ab-b69c-e22ef24aeb96
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/11/2021 01:32:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {dbdb1451-d0da-4354-809e-d517105fd4e6}

Error: (10/11/2021 10:52:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameFirst IV.exe, verze: 1.5.31.0, časové razítko: 0x57e4973f
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x084401c2
ID chybujícího procesu: 0x41b8
Čas spuštění chybující aplikace: 0x01d7be7cdb963559
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\GameFirst IV\GameFirst IV.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6bf878c3-2bea-477a-a7cf-be3079657f80
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/11/2021 10:52:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: GameFirst IV.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na GameFirst_IV_4.EventHandler.messageControl()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (10/09/2021 05:02:21 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (10/06/2021 09:42:15 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/05/2021 11:29:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MassEffect1.exe, verze: 2.0.0.48602, časové razítko: 0x60aeefa2
Název chybujícího modulu: MassEffect1.exe, verze: 2.0.0.48602, časové razítko: 0x60aeefa2
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000012df33
ID chybujícího procesu: 0x1700
Čas spuštění chybující aplikace: 0x01d7ba066ca918db
Cesta k chybující aplikaci: D:\Program Files (x86)\Steam\steamapps\common\Mass Effect Legendary Edition\Game\ME1\Binaries\Win64\MassEffect1.exe
Cesta k chybujícímu modulu: D:\Program Files (x86)\Steam\steamapps\common\Mass Effect Legendary Edition\Game\ME1\Binaries\Win64\MassEffect1.exe
ID zprávy: 686506d0-4823-41db-9b46-0a9fba13ecaa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/12/2021 11:20:32 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (10/12/2021 12:34:00 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (10/12/2021 12:33:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMDRyzenMasterDriverV15 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/12/2021 12:31:34 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (10/12/2021 12:31:30 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (10/12/2021 12:01:25 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (10/12/2021 12:01:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AMDRyzenMasterDriverV15 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/11/2021 11:59:22 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14


Windows Defender:
================
Date: 2021-02-15 14:34:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC4BB62-AD73-49DF-BCB4-59A0F40D83D3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-13 14:08:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6C1F1610-D66C-4BDB-9C84-A840D2A865DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-06 13:22:30
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {14233A41-E1C3-440C-A2F1-D8F3FFC2E1CD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-02-04 16:56:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {11408366-B009-4F78-B3A2-D80F2EAAB43E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-31 21:35:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {89FA56BE-7ACB-481F-AA87-BD87FF459C8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2021-10-12 23:24:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2021-10-12 12:43:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dokannp1.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-10-12 12:34:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 7501 09/23/2019
Motherboard: ASUSTeK COMPUTER INC. ROG CROSSHAIR VI EXTREME
Processor: AMD Ryzen 7 3700X 8-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 32694.9 MB
Available physical RAM: 26801.01 MB
Total Virtual: 34742.9 MB
Available Virtual: 26821.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.51 GB) (Free:111.55 GB) NTFS
Drive d: () (Fixed) (Total:709.73 GB) (Free:431.15 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:369.42 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:200 GB) (Free:100.51 GB) FAT32

\\?\Volume{8c4d0bea-b436-43c5-ac7b-3643cbdad268}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
\\?\Volume{6d9463e6-d556-4f13-8b22-4179e4ec127c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================
Fractal Design Define S2 white // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

jaro3
Security team member
Guru Level 15
Posts: 41866
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Strange behavior

Post by jaro3 » 13 Oct 2021 00:29

Yes, the Memtest instances have to be running, one for every 2 GB.

This will be better:
Memtest 86
http://www.memtest86.com/
Click Free Download on the left and choose:
ISO image for creating bootable CD (Windows - zip). Download it, unpack it, open it, and burn it, for example with this program:
http://www.slunecnice.cz/sw/active-iso-burner/
Insert it into the drive and boot from it.
Run the test for at least 8 h (overnight).

http://www.memtest86.com/download.htm
http://www.eopcservis.cz/jak-otestovat-ram.html
http://www.memtest86.com/download.htm
for USB:
http://www.memtest86.com/downloads/memt ... sb.img.zip

https://www.memtest86.com/screenshots.html

Some add-ons in the Chrome browser that have no name may get deleted.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928955-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928afb-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f04-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f36-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0F6C14F7-C0A0-40BA-BF69-594CFF4A7C00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {1B37A594-AA2E-4A3F-A319-028B73687E96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/deta ... fdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
SearchScopes: HKU\S-1-5-21-2166569075-3562328185-4131405611-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FirewallRules: [UDP Query User{A6BBCC42-2526-4E47-8F00-B254438F9A1D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{A9563B74-B6EA-4262-8274-1C8524B0284D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{B8020800-11FB-4778-A6AB-043E619AD9CE}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{812AA974-D0FB-4983-8368-7D6908793371}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{CE58B156-E398-44D4-A760-BD3B6F8352FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{361DC246-80F9-4A0C-9A09-225F3D1EA5F2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{CC853612-7F62-45E1-9021-38877C4CFEBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{A8AADD45-3DFA-41FB-ACD2-5D7584F472C0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [TCP Query User{E71A1417-012F-49FE-BCB0-83D18127E08C}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{5103122E-B0BF-4108-AA8E-89A1EDDB7853}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [{DA905494-2DC7-421C-AD6F-46E39D4E64B5}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File
FirewallRules: [{05E42051-782C-4B81-B05D-2B96554FB7A0}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

zik9
Level 3.5
Posts: 854
Registered: July 12
Location: Plzeň
Gender: Male

Re: Strange behavior

Post by zik9 » 13 Oct 2021 00:51

So I'll run Memtest overnight.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-10-2021
Ran by Kuba (13-10-2021 00:45:53) Run:1
Running from C:\Users\Kuba\Desktop
Loaded Profiles: Kuba & Luděk
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928955-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {38928afb-2ffd-11eb-8d5a-2cfda15b68ee} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f04-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\...\MountPoints2: {3ba56f36-898e-11eb-8d93-646e6960af23} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {0F6C14F7-C0A0-40BA-BF69-594CFF4A7C00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Task: {1B37A594-AA2E-4A3F-A319-028B73687E96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-10-10] (Google Inc -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
CHR HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/deta ... fdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
SearchScopes: HKU\S-1-5-21-2166569075-3562328185-4131405611-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FirewallRules: [UDP Query User{A6BBCC42-2526-4E47-8F00-B254438F9A1D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{A9563B74-B6EA-4262-8274-1C8524B0284D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe] => (Allow) D:\program files (x86)\origin games\titanfall2\titanfall2.exe => No File
FirewallRules: [TCP Query User{B8020800-11FB-4778-A6AB-043E619AD9CE}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{812AA974-D0FB-4983-8368-7D6908793371}D:\program files\rockstar games\red dead redemption 2\rdr2.exe] => (Allow) D:\program files\rockstar games\red dead redemption 2\rdr2.exe => No File
FirewallRules: [{CE58B156-E398-44D4-A760-BD3B6F8352FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{361DC246-80F9-4A0C-9A09-225F3D1EA5F2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe => No File
FirewallRules: [{CC853612-7F62-45E1-9021-38877C4CFEBD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [{A8AADD45-3DFA-41FB-ACD2-5D7584F472C0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe => No File
FirewallRules: [TCP Query User{E71A1417-012F-49FE-BCB0-83D18127E08C}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [UDP Query User{5103122E-B0BF-4108-AA8E-89A1EDDB7853}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe => No File
FirewallRules: [{DA905494-2DC7-421C-AD6F-46E39D4E64B5}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File
FirewallRules: [{05E42051-782C-4B81-B05D-2B96554FB7A0}] => (Allow) E:\Program Files (x86)\SteamLibrary\steamapps\common\Shadow of the Tomb Raider\SOTTR.exe => No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38928955-2ffd-11eb-8d5a-2cfda15b68ee} => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38928afb-2ffd-11eb-8d5a-2cfda15b68ee} => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ba56f04-898e-11eb-8d93-646e6960af23} => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ba56f36-898e-11eb-8d93-646e6960af23} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0F6C14F7-C0A0-40BA-BF69-594CFF4A7C00}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F6C14F7-C0A0-40BA-BF69-594CFF4A7C00}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B37A594-AA2E-4A3F-A319-028B73687E96}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B37A594-AA2E-4A3F-A319-028B73687E96}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Edge\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1002\SOFTWARE\Microsoft\Edge\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.10 => removed successfully
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.11 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKU\S-1-5-21-2166569075-3562328185-4131405611-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A6BBCC42-2526-4E47-8F00-B254438F9A1D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A9563B74-B6EA-4262-8274-1C8524B0284D}D:\program files (x86)\origin games\titanfall2\titanfall2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8020800-11FB-4778-A6AB-043E619AD9CE}D:\program files\rockstar games\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{812AA974-D0FB-4983-8368-7D6908793371}D:\program files\rockstar games\red dead redemption 2\rdr2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CE58B156-E398-44D4-A760-BD3B6F8352FD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{361DC246-80F9-4A0C-9A09-225F3D1EA5F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CC853612-7F62-45E1-9021-38877C4CFEBD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8AADD45-3DFA-41FB-ACD2-5D7584F472C0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E71A1417-012F-49FE-BCB0-83D18127E08C}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5103122E-B0BF-4108-AA8E-89A1EDDB7853}D:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA905494-2DC7-421C-AD6F-46E39D4E64B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{05E42051-782C-4B81-B05D-2B96554FB7A0}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 103876445 B
Java, Flash, Steam htmlcache => 779970041 B
Windows/system/drivers => 18098781 B
Edge => 0 B
Chrome => 1423974305 B
Firefox => 671806 B
Opera => 33143963 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 53288 B
NetworkService => 57534 B
Kuba => 32166282 B
Luděk => 32245363 B

RecycleBin => 221105029 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:48:40 ====
Fractal Design Define S2 White // ASUS CROSSHAIR VI EXTREME - AMD X370 // AMD Ryzen 7 3700X // GIGABYTE GeForce RTX 2080Ti WindForce OC 11G, 11GB GDDR6 // G.SKILL 2x16 GB DDR4 3200Mhz Trident Z RGB NEO // ADATA XPG GAMMIX S11 Pro M.2 NVMe 1.3 - 1TB // Corsair RMx RM650x (v.2018) // Be quiet! Dark Rock PRO 4 // Windows 10 Pro // 49" ASUS XG49VQ
CZC https://bit.ly/30fHPMp

zik9

Post by zik9 » 13 Oct 2021 11:52

So it ran overnight, but not for 8 hours. It finished on its own after 6:14. Is that a problem?

jaro3
Security team member
Guru Level 15
Posts: 41866
Registered: June 07
Location: Jižní Čechy
Gender: Male


Post by jaro3 » 13 Oct 2021 16:25

RAM is OK, provided all of them were checked.

What about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar tools, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

zik9

Post by zik9 » 13 Oct 2021 23:23

I didn't change anything in the settings, so hopefully all of them. They're the ones from my signature, so 2x16 GB.
I haven't noticed any problems so far. I'll see how the PC behaves at tomorrow's startup and how Chrome responds over the next few days.
So thank you for now; I'll update with info in a few days.