Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2023
Ran by danha (administrator) on CISLOCZ (ASUS System Product Name) (07-12-2023 17:50:30)
Running from C:\Users\danha\Desktop\logtest program\FRST64.exe
Loaded Profiles: danha
Platform: Microsoft Windows 11 Pro Version 23H2 22631.2792 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe <7>
(explorer.exe ->) (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(explorer.exe ->) (Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe
(explorer.exe ->) (The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.12\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\PresentMon\Service\PresentMonService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtxSvc32.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2311.1001.7.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2311.1001.7.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195576 2023-11-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [207984 2022-11-08] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [MicrosoftEdgeAutoLaunch_739984D67ED48D532AB489E0D9A494F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [20998160 2022-11-29] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [Creative.SBCommand.exe] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [207984 2022-11-08] (Creative Technology Ltd -> Creative Technology Ltd)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\MountPoints2: {9922213d-8a37-11ee-a06c-f8d6f4591554} - "F:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {45F258B7-8877-433F-B7BA-AACC4B29C986} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2159944 2021-10-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {DBF09162-E610-4629-8706-9F8479458DE9} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1471104 2021-10-22] (ASUSTeK Computer Inc. -> )
Task: {D0558203-06BA-42C1-8E7B-D8566AF1713D} - System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {58438B8C-E72B-441E-8E00-C7DFA19A5377} - System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {FFB3FFE9-15DD-48ED-87CC-8DE7037F6829} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D2C275A-3AB0-49CF-8E50-4911313FF01E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC741DF0-150A-458B-92A7-458EA3663BED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEA9E664-D508-4F3C-85D0-B1EB128DF5CB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC98FB80-54D1-40A6-BCE9-9A0967E3B75D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {56DBF762-3431-46FA-B751-A6366746BEA4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [137176 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
Task: {ECC598D5-83CC-4B9F-B40B-47389F32AA66} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F64E29E5-E2E3-47AA-B11E-E2AAC106578A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {35D0A71C-09B7-4961-ABA9-CEC21840A18E} - System32\Tasks\nhAsusStrixSvc32Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixSvc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {948182B9-C6B8-4DB2-9FB1-F915FF8E6223} - System32\Tasks\nhAsusStrixSvc64Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\x64\nhAsusStrixSvc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {9B58774F-EE08-4914-B387-22ADABE37878} - System32\Tasks\nhAsusStrixUILauncherRun => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixUILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {684431C9-1A8D-4E4F-A148-6B5B8EC69CCB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {54E932C9-E9FB-488D-BB45-2714797D2BD6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BB99382-0978-4AB7-88A1-725490C462C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E3A4652-0944-4AD5-A0F2-159389CC4DAB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CD92E15-107B-4D05-8779-F7446E432F45} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C447E570-D54D-4DB1-8272-EF0BFF84852B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5D7A0BB-5974-4795-80E1-197983EC073B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E75AB75-D914-44DF-8EC0-20F37746FC14} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99EAABE2-C725-4FCB-BD2E-62BC1D62118D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{dfae9c32-e378-44ba-8e0b-6907294b931e}: [DhcpNameServer] 192.168.15.1
Edge:
=======
Edge Profile: C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-04]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: y7i35wwu.default
FF ProfilePath: C:\Users\danha\AppData\Roaming\Mozilla\Firefox\Profiles\y7i35wwu.default [2023-11-20]
FF ProfilePath: C:\Users\danha\AppData\Roaming\Mozilla\Firefox\Profiles\sylg3kto.default-release [2023-12-06]
FF Session Restore: Mozilla\Firefox\Profiles\sylg3kto.default-release -> is enabled.
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-12-07]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-12-07]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-24]
CHR Extension: (BetterTTV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-11-18]
CHR Extension: (7TV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-08-24]
CHR Extension: (Avira Password Manager) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-29]
CHR Extension: (FrankerFaceZ) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-08-24]
CHR Extension: (Return YouTube Dislike) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Void Theme - Black and Minimal) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kioklelcojgbjoljlilalgdcppkiioge [2023-08-24]
CHR Extension: (Shazam: Hledejte názvy skladeb v prohlížeči) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-24]
CHR Extension: (Hlídač Shopů) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\danha\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-24]
CHR HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AORUS LCD Panel Service; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe [371304 2023-06-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> CloudBees, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-02-02] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.12\AsusFanControlService.exe [2203464 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2023-12-06] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1376256 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [File not signed]
R2 CtxSvc32; C:\Windows\sysWow64\CtxSvc32.exe [167416 2022-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2537928 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GameInputSvc; C:\Windows\System32\GameInputSvc.exe [71288 2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe [1275424 2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PresentMonService; C:\Program Files\Intel\PresentMon\Service\PresentMonService.exe [1097264 2023-10-12] (Intel Corporation -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-06-01] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2021-07-25] (ASUSTeK Computer Inc. -> )
S3 ASUSSC150; C:\Windows\system32\DRIVERS\ASUSSC150.sys [3805696 2016-12-07] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 CtxHda; C:\Windows\system32\drivers\CtxHda.sys [1227280 2022-12-20] (Creative Technology Ltd -> Creative Technology Ltd)
R3 CtxHdb; C:\Windows\system32\DRIVERS\Ctxhdb.sys [64056 2022-12-20] (Creative Technology Ltd -> Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [215616 2023-11-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [120032 2023-11-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2023-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [254344 2023-11-14] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55528 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81824 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [124168 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-08-15] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64sta.inf_amd64_dd00ea3bb081bca5\rt25cx21x64.sys [752600 2023-08-20] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [33792 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-07 17:50 - 2023-12-07 17:50 - 000000000 ____D C:\FRST
2023-12-07 17:48 - 2023-12-07 17:50 - 000000000 ____D C:\Users\danha\Desktop\logtest program
2023-12-07 13:12 - 2023-12-07 13:12 - 000019028 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E06_-_Lež_je_pravdou_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:12 - 2023-12-07 13:12 - 000011150 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E07_-_Ať_boj_skončí_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000019566 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E03_-_Rána_pěstí_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_70%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000019461 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E02_-_Výprask_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_68%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000018570 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E04_-_Volba_neúspěchu_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000017986 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E05_-_Pravda_je_ta_nejchytřejší_lež_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:10 - 2023-12-07 13:10 - 000019010 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E01_-_Obětní_vojáci__(CZ)[1080p][WEBRip][HEVC]_=_CSFD_68%.torrent
2023-12-07 13:05 - 2023-12-07 13:05 - 000125633 _____ C:\Users\danha\Downloads\[SkT]_Rod___Kin_S01_(CZ_EN)[WEB-DL][1080p]_=_CSFD_71%.torrent
2023-12-07 13:04 - 2023-12-07 13:04 - 000020065 _____ C:\Users\danha\Downloads\[SkT]Myška_Pattie__Na_vlnách_dobrodružství___Pattie_et_la_colère_de_Poséidon_(2022)(CZ_SK)[WebRip][1080p]_=_CSFD_70%.torrent
2023-12-07 07:11 - 2023-12-07 07:11 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-12-06 17:14 - 2023-12-07 10:35 - 000000225 _____ C:\Users\danha\Desktop\krevetky a pavi ocka.txt
2023-12-06 06:29 - 2023-12-06 06:29 - 000691102 _____ C:\Windows\system32\perfh005.dat
2023-12-06 06:29 - 2023-12-06 06:29 - 000143008 _____ C:\Windows\system32\perfc005.dat
2023-12-05 18:44 - 2023-12-05 18:45 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-12-05 18:43 - 2023-11-30 10:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-05 18:43 - 2023-11-30 10:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-12-05 18:43 - 2023-11-30 10:11 - 000850512 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000850512 _____ C:\Windows\system32\vulkaninfo.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-12-05 18:43 - 2023-11-30 10:10 - 001487472 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001423960 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001423960 _____ C:\Windows\system32\vulkan-1.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 001541152 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 001198192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 000505376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 002170992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 001624712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 000996976 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 000810096 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-12-05 18:43 - 2023-11-30 10:06 - 000774280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 015095840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 012375584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 006461960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 005862408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 005860472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 003619848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-12-05 18:42 - 2023-11-30 10:05 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-12-05 18:42 - 2023-11-30 00:05 - 000113947 _____ C:\Windows\system32\nvinfo.pb
2023-12-05 06:01 - 2023-12-05 06:02 - 000000000 ___HD C:\$WinREAgent
2023-12-04 20:41 - 2023-12-04 20:41 - 000099231 _____ C:\Users\danha\Downloads\[SkT]Sound_of_Freedom_(2023)_WEBRip_1080p_=_CSFD_77%.torrent
2023-12-04 14:14 - 2023-12-04 14:14 - 000000000 ____D C:\Users\danha\Desktop\balik prazdny
2023-12-04 12:32 - 2023-12-04 12:32 - 000020085 _____ C:\Users\danha\Downloads\[SkT]Tlapková_patrola_ve_velkofilmu___Paw_Patrol__The_Mighty_Movie_(2023)(CZ)[1080p]_=_CSFD_61%.torrent
2023-12-03 17:58 - 2023-12-03 18:12 - 000000000 ____D C:\Users\danha\Desktop\nod32
2023-12-03 10:55 - 2023-12-03 10:55 - 000043294 _____ C:\Users\danha\Downloads\[SkT]Modrooký_samuraj___Blue_Eye_Samurai_S01_(CZ)[WebRip][1080p]_=_CSFD_50%.torrent
2023-12-02 14:33 - 2023-12-02 14:33 - 000084948 _____ C:\ProgramData\agent.uninstall.1701523986.bdinstall.v2.bin
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\ProgramData\ESET
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\Program Files\ESET
2023-12-02 14:25 - 2023-12-02 14:25 - 000459948 _____ C:\ProgramData\cl.uninstall.1701523510.bdinstall.v2.bin
2023-12-01 16:59 - 2023-12-01 16:59 - 000000000 ____D C:\Users\danha\AppData\Roaming\DOGE
2023-12-01 16:59 - 2023-12-01 16:59 - 000000000 ____D C:\Users\danha\AppData\Local\THE_PLANE_EFFECT
2023-12-01 16:57 - 2023-12-02 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-01 16:56 - 2023-12-01 16:56 - 000000597 _____ C:\Users\Public\Desktop\The Plane Effect.lnk
2023-12-01 10:30 - 2023-12-02 15:56 - 000000053 _____ C:\Users\danha\Desktop\jox erdomed.txt
2023-11-30 10:06 - 2023-12-02 14:25 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-11-30 08:17 - 2023-11-30 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-11-30 08:17 - 2023-11-30 08:17 - 000000000 ____D C:\Program Files\qBittorrent
2023-11-25 17:07 - 2023-11-25 17:07 - 000000000 ____D C:\Users\danha\AppData\Local\BattlEye
2023-11-25 16:55 - 2023-11-25 16:55 - 000091384 _____ C:\ProgramData\agent.update.1700927730.bdinstall.v2.bin
2023-11-25 12:54 - 2023-11-25 12:54 - 000000000 ____D C:\Users\danha\AppData\Local\nhAsusStrix1.1.22
2023-11-25 12:27 - 2023-11-26 11:34 - 000000000 ____D C:\Users\danha\Desktop\zvukovka
2023-11-25 11:26 - 2023-11-25 11:26 - 000000000 ____D C:\Users\danha\.insomniac
2023-11-25 11:20 - 2023-11-25 11:27 - 000000000 ____D C:\Users\danha\Documents\Ratchet & Clank - Rift Apart
2023-11-25 11:20 - 2023-11-25 11:20 - 000000000 ____D C:\Users\danha\AppData\Roaming\Insomniac Games
2023-11-24 19:53 - 2023-11-25 11:27 - 000000000 ____D C:\Users\danha\AppData\Roaming\FLT
2023-11-24 19:53 - 2023-11-24 19:53 - 000000000 ____D C:\Users\danha\AppData\Local\AdInfinitum
2023-11-23 14:15 - 2023-11-23 14:15 - 000000222 _____ C:\Users\danha\Desktop\Northgard.url
2023-11-23 14:12 - 2023-11-23 14:12 - 000000746 _____ C:\Users\Public\Desktop\Trine 5.lnk
2023-11-23 14:12 - 2023-11-23 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trine 5 [GOG.com]
2023-11-23 14:11 - 2023-11-23 14:11 - 000000000 ____D C:\ProgramData\GOG.com
2023-11-23 12:36 - 2023-11-23 12:36 - 000000000 ____D C:\Users\danha\Documents\My Games
2023-11-23 12:36 - 2023-11-23 12:36 - 000000000 ____D C:\Users\danha\AppData\Roaming\Goldberg SteamEmu Saves
2023-11-23 12:20 - 2023-12-05 15:18 - 000000083 _____ C:\Users\danha\Desktop\zubar.txt
2023-11-23 12:13 - 2023-11-23 12:13 - 000000218 _____ C:\Users\danha\AppData\Local\recently-used.xbel
2023-11-23 11:57 - 2023-11-23 11:57 - 000000000 ____D C:\Users\danha\AppData\Local\gtk-3.0
2023-11-20 16:35 - 2023-12-01 18:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-20 16:35 - 2023-11-20 16:35 - 000000000 ____D C:\Users\danha\AppData\Local\Mozilla
2023-11-18 13:32 - 2023-11-18 13:35 - 000000000 ____D C:\Users\danha\Desktop\klavesnice
2023-11-16 22:13 - 2023-11-16 22:13 - 000000000 ____D C:\Users\danha\AppData\LocalLow\Jumpship
2023-11-16 19:46 - 2023-11-16 19:46 - 000000000 ____D C:\Users\danha\Desktop\poker
2023-11-15 21:42 - 2023-11-15 21:45 - 000000000 ____D C:\Users\danha\Desktop\Letaky
2023-11-14 12:04 - 2023-11-14 12:04 - 000254344 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000215616 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000124168 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000120032 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000081824 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000055528 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2023-11-13 15:18 - 2023-11-25 16:09 - 000000000 ____D C:\Users\danha\AppData\Local\nhAsusStrix1.1.23
2023-11-13 15:17 - 2023-11-13 15:17 - 000003278 _____ C:\Windows\system32\Tasks\nhAsusStrixUILauncherRun
2023-11-13 15:17 - 2023-11-13 15:17 - 000003266 _____ C:\Windows\system32\Tasks\nhAsusStrixSvc64Run
2023-11-13 15:17 - 2023-11-13 15:17 - 000003258 _____ C:\Windows\system32\Tasks\nhAsusStrixSvc32Run
2023-11-13 15:17 - 2023-11-13 15:17 - 000000000 ____D C:\Program Files\ASUSTeKcomputer.Inc
2023-11-12 19:42 - 2023-11-12 19:42 - 000000000 ____D C:\Users\danha\AppData\Local\MG3
2023-11-12 03:16 - 2023-11-12 03:16 - 000000223 _____ C:\Users\danha\Desktop\Seen.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-07 17:48 - 2023-08-24 18:18 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-07 17:39 - 2023-08-24 17:15 - 000000000 ____D C:\Users\danha\AppData\Local\D3DSCache
2023-12-07 17:39 - 2023-08-24 17:04 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-12-07 17:39 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-07 17:38 - 2023-08-24 21:02 - 000000000 ____D C:\Users\danha\AppData\Roaming\qBittorrent
2023-12-07 17:11 - 2023-08-24 18:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-07 17:06 - 2023-08-24 17:39 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-07 17:06 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2023-12-07 16:55 - 2023-08-25 19:34 - 000000000 ____D C:\Users\danha\AppData\Roaming\discord
2023-12-07 16:04 - 2023-08-25 19:34 - 000002231 _____ C:\Users\danha\Desktop\Discord.lnk
2023-12-07 16:04 - 2023-08-25 19:34 - 000000000 ____D C:\Users\danha\AppData\Local\Discord
2023-12-07 16:01 - 2023-08-24 17:12 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-07 15:43 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2023-12-07 14:19 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2023-12-07 07:11 - 2023-09-04 23:36 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-07 07:11 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-07 07:03 - 2023-08-24 17:15 - 000000000 ____D C:\Users\danha\AppData\Local\Packages
2023-12-07 07:03 - 2023-08-24 17:06 - 000000000 ____D C:\ProgramData\Packages
2023-12-07 07:03 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-06 21:01 - 2023-08-24 17:39 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}
2023-12-06 21:01 - 2023-08-24 17:39 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}
2023-12-06 16:06 - 2023-08-25 13:18 - 000000000 ____D C:\Users\danha\AppData\Roaming\EasyAntiCheat
2023-12-06 06:29 - 2023-08-24 17:14 - 001629566 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-06 06:22 - 2023-08-24 17:04 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2023-12-06 06:22 - 2023-08-24 17:04 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-12-06 06:22 - 2023-08-24 17:04 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-06 06:22 - 2023-08-24 17:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-06 06:21 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-12-06 01:02 - 2023-08-24 17:13 - 000000000 ____D C:\Users\danha
2023-12-05 18:45 - 2023-08-24 17:17 - 000000000 ____D C:\Users\danha\AppData\Local\NVIDIA
2023-12-05 06:43 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-05 06:27 - 2023-08-24 17:04 - 000332520 _____ C:\Windows\system32\FNTCACHE.DAT
2023-12-05 06:27 - 2022-05-07 11:14 - 000000000 ____D C:\Windows\InboxApps
2023-12-05 06:27 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2023-12-05 06:27 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2023-12-05 06:04 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2023-12-05 05:22 - 2023-08-24 17:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-05 05:22 - 2023-08-24 17:04 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-04 20:02 - 2023-10-23 19:50 - 000000000 ____D C:\Users\danha\Desktop\bazos
2023-12-03 10:34 - 2023-10-07 08:29 - 000000000 ____D C:\Windows\Minidump
2023-12-02 17:25 - 2023-09-11 11:39 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2023-12-02 14:28 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-12-02 14:26 - 2023-11-02 08:03 - 000000000 ____D C:\Program Files\Bitdefender
2023-12-02 14:26 - 2023-08-24 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-12-02 14:25 - 2023-11-02 08:03 - 000000000 ____D C:\ProgramData\Bitdefender
2023-12-02 14:25 - 2022-05-07 06:17 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-12-02 14:12 - 2023-09-11 08:50 - 000000000 ____D C:\Users\danha\AppData\Local\PokerStars.CZ
2023-12-01 16:58 - 2023-08-27 16:38 - 000000000 ___HD C:\Windows\msdownld.tmp
2023-12-01 16:58 - 2023-08-27 16:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-12-01 09:27 - 2023-08-24 17:32 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-01 08:11 - 2023-08-24 18:01 - 000000000 ____D C:\Users\danha\AppData\Local\CrashDumps
2023-12-01 01:38 - 2023-08-24 18:31 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-12-01 01:02 - 2023-08-24 17:39 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-01 01:02 - 2023-08-24 17:39 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-30 14:30 - 2023-08-24 18:24 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-30 10:07 - 2023-10-31 22:02 - 000958496 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-11-30 10:04 - 2023-08-24 17:47 - 006745776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-11-30 10:04 - 2023-08-24 17:12 - 007869664 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-11-27 16:14 - 2023-11-02 11:19 - 000000000 ____D C:\Users\danha\AppData\Roaming\AIMP
2023-11-23 19:20 - 2023-09-18 14:19 - 000000000 ____D C:\Program Files\Hand2Note4
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\Program Files\WinRAR
2023-11-21 13:32 - 2023-08-24 17:17 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1398007894-2651273048-4200034700-1001
2023-11-21 13:32 - 2023-08-24 17:17 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1398007894-2651273048-4200034700-1001
2023-11-21 13:32 - 2023-08-24 17:17 - 000002381 _____ C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-20 16:35 - 2023-08-24 18:24 - 000000000 ____D C:\Users\danha\AppData\Roaming\Mozilla
2023-11-17 18:06 - 2023-10-26 22:25 - 000000000 ____D C:\Users\danha\Desktop\mp3
2023-11-16 22:12 - 2023-08-24 18:19 - 000000000 ____D C:\Users\danha\AppData\Local\Steam
2023-11-15 19:50 - 2023-08-24 17:24 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 19:49 - 2023-08-24 17:24 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-15 16:57 - 2023-08-24 17:06 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-15 12:16 - 2023-09-02 20:20 - 000000000 ____D C:\Users\danha\Desktop\obrazky
2023-11-14 17:36 - 2023-08-24 17:51 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-11-14 17:36 - 2023-08-24 17:50 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-11-14 17:36 - 2023-08-24 17:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-11-14 17:36 - 2023-08-24 17:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-11-12 19:42 - 2023-08-24 18:19 - 000000000 ____D C:\Users\danha\AppData\Local\UnrealEngine
2023-11-10 03:02 - 2023-08-24 21:05 - 000001018 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2023-11-10 01:30 - 2023-08-24 17:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-09 21:27 - 2023-10-15 16:36 - 000000000 ____D C:\Users\danha\Desktop\pokerstars nastaveni clienta
==================== Files in the root of some directories ========
2023-11-23 12:13 - 2023-11-23 12:13 - 000000218 _____ () C:\Users\danha\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2023
Ran by danha (administrator) on CISLOCZ (ASUS System Product Name) (07-12-2023 17:50:30)
Running from C:\Users\danha\Desktop\logtest program\FRST64.exe
Loaded Profiles: danha
Platform: Microsoft Windows 11 Pro Version 23H2 22631.2792 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe <7>
(explorer.exe ->) (A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(explorer.exe ->) (Creative Technology Ltd -> Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe
(explorer.exe ->) (The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.352\GoogleCrashHandler64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.12\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe
(services.exe ->) (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\PresentMon\Service\PresentMonService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\CtxSvc32.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2311.1001.7.0_x64__8wekyb3d8bbwe\XboxGameBarWidgets.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2311.1001.7.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.30700.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195576 2023-11-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Creative.SBCommand] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [207984 2022-11-08] (Creative Technology Ltd -> Creative Technology Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [MicrosoftEdgeAutoLaunch_739984D67ED48D532AB489E0D9A494F2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [20998160 2022-11-29] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Run: [Creative.SBCommand.exe] => C:\Program Files (x86)\Creative\Sound Blaster Command\Creative.SBCommand.exe [207984 2022-11-08] (Creative Technology Ltd -> Creative Technology Ltd)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\MountPoints2: {9922213d-8a37-11ee-a06c-f8d6f4591554} - "F:\setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {45F258B7-8877-433F-B7BA-AACC4B29C986} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2159944 2021-10-18] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {DBF09162-E610-4629-8706-9F8479458DE9} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1471104 2021-10-22] (ASUSTeK Computer Inc. -> )
Task: {D0558203-06BA-42C1-8E7B-D8566AF1713D} - System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {58438B8C-E72B-441E-8E00-C7DFA19A5377} - System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {FFB3FFE9-15DD-48ED-87CC-8DE7037F6829} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D2C275A-3AB0-49CF-8E50-4911313FF01E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC741DF0-150A-458B-92A7-458EA3663BED} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {CEA9E664-D508-4F3C-85D0-B1EB128DF5CB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC98FB80-54D1-40A6-BCE9-9A0967E3B75D} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {56DBF762-3431-46FA-B751-A6366746BEA4} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [137176 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
Task: {ECC598D5-83CC-4B9F-B40B-47389F32AA66} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F64E29E5-E2E3-47AA-B11E-E2AAC106578A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {35D0A71C-09B7-4961-ABA9-CEC21840A18E} - System32\Tasks\nhAsusStrixSvc32Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixSvc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {948182B9-C6B8-4DB2-9FB1-F915FF8E6223} - System32\Tasks\nhAsusStrixSvc64Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\x64\nhAsusStrixSvc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {9B58774F-EE08-4914-B387-22ADABE37878} - System32\Tasks\nhAsusStrixUILauncherRun => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixUILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {684431C9-1A8D-4E4F-A148-6B5B8EC69CCB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {54E932C9-E9FB-488D-BB45-2714797D2BD6} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BB99382-0978-4AB7-88A1-725490C462C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E3A4652-0944-4AD5-A0F2-159389CC4DAB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7CD92E15-107B-4D05-8779-F7446E432F45} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C447E570-D54D-4DB1-8272-EF0BFF84852B} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B5D7A0BB-5974-4795-80E1-197983EC073B} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E75AB75-D914-44DF-8EC0-20F37746FC14} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99EAABE2-C725-4FCB-BD2E-62BC1D62118D} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{dfae9c32-e378-44ba-8e0b-6907294b931e}: [DhcpNameServer] 192.168.15.1
Edge:
=======
Edge Profile: C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-04]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\danha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-17]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: y7i35wwu.default
FF ProfilePath: C:\Users\danha\AppData\Roaming\Mozilla\Firefox\Profiles\y7i35wwu.default [2023-11-20]
FF ProfilePath: C:\Users\danha\AppData\Roaming\Mozilla\Firefox\Profiles\sylg3kto.default-release [2023-12-06]
FF Session Restore: Mozilla\Firefox\Profiles\sylg3kto.default-release -> is enabled.
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-12-07]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-12-07]
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-08-24]
CHR Extension: (BetterTTV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2023-11-18]
CHR Extension: (7TV) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-08-24]
CHR Extension: (Avira Password Manager) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2023-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-11-29]
CHR Extension: (FrankerFaceZ) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2023-08-24]
CHR Extension: (Return YouTube Dislike) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gebbhagfogifgggkldgodflihgfeippi [2023-12-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-28]
CHR Extension: (Void Theme - Black and Minimal) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kioklelcojgbjoljlilalgdcppkiioge [2023-08-24]
CHR Extension: (Shazam: Hledejte názvy skladeb v prohlížeči) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2023-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-24]
CHR Extension: (Hlídač Shopů) - C:\Users\danha\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2023-11-15]
CHR Profile: C:\Users\danha\AppData\Local\Google\Chrome\User Data\System Profile [2023-08-24]
CHR HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AORUS LCD Panel Service; C:\Program Files\GIGABYTE\Control Center\Lib\GBT_VGA\Service\MonitorService-exec.exe [371304 2023-06-21] (GIGA-BYTE TECHNOLOGY CO., LTD. -> CloudBees, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.02.12\atkexComSvc.exe [457544 2021-10-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusCertService; C:\Program Files (x86)\ASUS\AsusCertService\AsusCertService.exe [313008 2021-02-02] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.01.12\AsusFanControlService.exe [2203464 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S2 AsusUpdateCheck; C:\Windows\System32\AsusUpdateCheck.exe [845256 2023-12-06] (ASUSTeK Computer Inc. -> )
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15772456 2023-11-25] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 CloudBackupRestoreSvc; C:\Windows\System32\CloudRestoreLauncher.dll [1376256 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [458240 2020-03-12] (Creative Technology Ltd) [File not signed]
R2 CtxSvc32; C:\Windows\sysWow64\CtxSvc32.exe [167416 2022-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [955816 2023-09-26] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2537928 2023-11-14] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3850920 2023-11-14] (ESET, spol. s r.o. -> ESET)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-05-01] (Epic Games Inc. -> Epic Games, Inc.)
S3 GameInputSvc; C:\Windows\System32\GameInputSvc.exe [71288 2023-12-05] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\Display.NvContainer\NVDisplay.Container.exe [1275424 2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PresentMonService; C:\Program Files\Intel\PresentMon\Service\PresentMonService.exe [1097264 2023-10-12] (Intel Corporation -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [63392 2020-06-16] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [34384 2021-06-01] (ASUSTeK Computer Inc. -> )
R1 Asusgio3; C:\Windows\system32\drivers\AsIO3.sys [43160 2021-07-25] (ASUSTeK Computer Inc. -> )
S3 ASUSSC150; C:\Windows\system32\DRIVERS\ASUSSC150.sys [3805696 2016-12-07] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTeK)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 CtxHda; C:\Windows\system32\drivers\CtxHda.sys [1227280 2022-12-20] (Creative Technology Ltd -> Creative Technology Ltd)
R3 CtxHdb; C:\Windows\system32\DRIVERS\Ctxhdb.sys [64056 2022-12-20] (Creative Technology Ltd -> Creative Technology Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [215616 2023-11-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [120032 2023-11-14] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2023-11-14] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [254344 2023-11-14] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55528 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81824 2023-11-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [124168 2023-11-14] (ESET, spol. s r.o. -> ESET)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2021-10-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
S3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [361472 2022-11-16] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1617920 2022-11-20] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-08-15] (Nvidia Corporation -> NVIDIA Corporation)
R3 rt25cx21; C:\Windows\System32\DriverStore\FileRepository\rt25cx21x64sta.inf_amd64_dd00ea3bb081bca5\rt25cx21x64.sys [752600 2023-08-20] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S4 UCPD; C:\Windows\System32\drivers\UCPD.sys [33792 2023-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-07 17:50 - 2023-12-07 17:50 - 000000000 ____D C:\FRST
2023-12-07 17:48 - 2023-12-07 17:50 - 000000000 ____D C:\Users\danha\Desktop\logtest program
2023-12-07 13:12 - 2023-12-07 13:12 - 000019028 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E06_-_Lež_je_pravdou_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:12 - 2023-12-07 13:12 - 000011150 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E07_-_Ať_boj_skončí_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000019566 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E03_-_Rána_pěstí_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_70%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000019461 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E02_-_Výprask_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_68%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000018570 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E04_-_Volba_neúspěchu_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:11 - 2023-12-07 13:11 - 000017986 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E05_-_Pravda_je_ta_nejchytřejší_lež_(CZ)[1080p][WEBRip][HEVC]_=_CSFD_69%.torrent
2023-12-07 13:10 - 2023-12-07 13:10 - 000019010 _____ C:\Users\danha\Downloads\[SkT]Special_Ops_Lioness_S01E01_-_Obětní_vojáci__(CZ)[1080p][WEBRip][HEVC]_=_CSFD_68%.torrent
2023-12-07 13:05 - 2023-12-07 13:05 - 000125633 _____ C:\Users\danha\Downloads\[SkT]_Rod___Kin_S01_(CZ_EN)[WEB-DL][1080p]_=_CSFD_71%.torrent
2023-12-07 13:04 - 2023-12-07 13:04 - 000020065 _____ C:\Users\danha\Downloads\[SkT]Myška_Pattie__Na_vlnách_dobrodružství___Pattie_et_la_colère_de_Poséidon_(2022)(CZ_SK)[WebRip][1080p]_=_CSFD_70%.torrent
2023-12-07 07:11 - 2023-12-07 07:11 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-12-06 17:14 - 2023-12-07 10:35 - 000000225 _____ C:\Users\danha\Desktop\krevetky a pavi ocka.txt
2023-12-06 06:29 - 2023-12-06 06:29 - 000691102 _____ C:\Windows\system32\perfh005.dat
2023-12-06 06:29 - 2023-12-06 06:29 - 000143008 _____ C:\Windows\system32\perfc005.dat
2023-12-05 18:44 - 2023-12-05 18:45 - 000000000 ____D C:\Windows\LastGood.Tmp
2023-12-05 18:43 - 2023-11-30 10:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2023-12-05 18:43 - 2023-11-30 10:11 - 001246288 _____ C:\Windows\SysWOW64\vulkan-1.dll
2023-12-05 18:43 - 2023-11-30 10:11 - 000850512 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000850512 _____ C:\Windows\system32\vulkaninfo.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-12-05 18:43 - 2023-11-30 10:11 - 000731216 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2023-12-05 18:43 - 2023-11-30 10:10 - 001487472 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001423960 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001423960 _____ C:\Windows\system32\vulkan-1.dll
2023-12-05 18:43 - 2023-11-30 10:10 - 001226760 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 001541152 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 001198192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 000670240 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2023-12-05 18:43 - 2023-11-30 10:07 - 000505376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 002170992 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 001624712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 000996976 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2023-12-05 18:43 - 2023-11-30 10:06 - 000810096 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2023-12-05 18:43 - 2023-11-30 10:06 - 000774280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 015095840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 012375584 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 006461960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 005862408 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 005860472 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 003619848 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2023-12-05 18:43 - 2023-11-30 10:05 - 000459912 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2023-12-05 18:42 - 2023-11-30 10:05 - 000853640 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2023-12-05 18:42 - 2023-11-30 00:05 - 000113947 _____ C:\Windows\system32\nvinfo.pb
2023-12-05 06:01 - 2023-12-05 06:02 - 000000000 ___HD C:\$WinREAgent
2023-12-04 20:41 - 2023-12-04 20:41 - 000099231 _____ C:\Users\danha\Downloads\[SkT]Sound_of_Freedom_(2023)_WEBRip_1080p_=_CSFD_77%.torrent
2023-12-04 14:14 - 2023-12-04 14:14 - 000000000 ____D C:\Users\danha\Desktop\balik prazdny
2023-12-04 12:32 - 2023-12-04 12:32 - 000020085 _____ C:\Users\danha\Downloads\[SkT]Tlapková_patrola_ve_velkofilmu___Paw_Patrol__The_Mighty_Movie_(2023)(CZ)[1080p]_=_CSFD_61%.torrent
2023-12-03 17:58 - 2023-12-03 18:12 - 000000000 ____D C:\Users\danha\Desktop\nod32
2023-12-03 10:55 - 2023-12-03 10:55 - 000043294 _____ C:\Users\danha\Downloads\[SkT]Modrooký_samuraj___Blue_Eye_Samurai_S01_(CZ)[WebRip][1080p]_=_CSFD_50%.torrent
2023-12-02 14:33 - 2023-12-02 14:33 - 000084948 _____ C:\ProgramData\agent.uninstall.1701523986.bdinstall.v2.bin
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\ProgramData\ESET
2023-12-02 14:28 - 2023-12-02 14:28 - 000000000 ____D C:\Program Files\ESET
2023-12-02 14:25 - 2023-12-02 14:25 - 000459948 _____ C:\ProgramData\cl.uninstall.1701523510.bdinstall.v2.bin
2023-12-01 16:59 - 2023-12-01 16:59 - 000000000 ____D C:\Users\danha\AppData\Roaming\DOGE
2023-12-01 16:59 - 2023-12-01 16:59 - 000000000 ____D C:\Users\danha\AppData\Local\THE_PLANE_EFFECT
2023-12-01 16:57 - 2023-12-02 14:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-01 16:56 - 2023-12-01 16:56 - 000000597 _____ C:\Users\Public\Desktop\The Plane Effect.lnk
2023-12-01 10:30 - 2023-12-02 15:56 - 000000053 _____ C:\Users\danha\Desktop\jox erdomed.txt
2023-11-30 10:06 - 2023-12-02 14:25 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-11-30 08:17 - 2023-11-30 08:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-11-30 08:17 - 2023-11-30 08:17 - 000000000 ____D C:\Program Files\qBittorrent
2023-11-25 17:07 - 2023-11-25 17:07 - 000000000 ____D C:\Users\danha\AppData\Local\BattlEye
2023-11-25 16:55 - 2023-11-25 16:55 - 000091384 _____ C:\ProgramData\agent.update.1700927730.bdinstall.v2.bin
2023-11-25 12:54 - 2023-11-25 12:54 - 000000000 ____D C:\Users\danha\AppData\Local\nhAsusStrix1.1.22
2023-11-25 12:27 - 2023-11-26 11:34 - 000000000 ____D C:\Users\danha\Desktop\zvukovka
2023-11-25 11:26 - 2023-11-25 11:26 - 000000000 ____D C:\Users\danha\.insomniac
2023-11-25 11:20 - 2023-11-25 11:27 - 000000000 ____D C:\Users\danha\Documents\Ratchet & Clank - Rift Apart
2023-11-25 11:20 - 2023-11-25 11:20 - 000000000 ____D C:\Users\danha\AppData\Roaming\Insomniac Games
2023-11-24 19:53 - 2023-11-25 11:27 - 000000000 ____D C:\Users\danha\AppData\Roaming\FLT
2023-11-24 19:53 - 2023-11-24 19:53 - 000000000 ____D C:\Users\danha\AppData\Local\AdInfinitum
2023-11-23 14:15 - 2023-11-23 14:15 - 000000222 _____ C:\Users\danha\Desktop\Northgard.url
2023-11-23 14:12 - 2023-11-23 14:12 - 000000746 _____ C:\Users\Public\Desktop\Trine 5.lnk
2023-11-23 14:12 - 2023-11-23 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trine 5 [GOG.com]
2023-11-23 14:11 - 2023-11-23 14:11 - 000000000 ____D C:\ProgramData\GOG.com
2023-11-23 12:36 - 2023-11-23 12:36 - 000000000 ____D C:\Users\danha\Documents\My Games
2023-11-23 12:36 - 2023-11-23 12:36 - 000000000 ____D C:\Users\danha\AppData\Roaming\Goldberg SteamEmu Saves
2023-11-23 12:20 - 2023-12-05 15:18 - 000000083 _____ C:\Users\danha\Desktop\zubar.txt
2023-11-23 12:13 - 2023-11-23 12:13 - 000000218 _____ C:\Users\danha\AppData\Local\recently-used.xbel
2023-11-23 11:57 - 2023-11-23 11:57 - 000000000 ____D C:\Users\danha\AppData\Local\gtk-3.0
2023-11-20 16:35 - 2023-12-01 18:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2023-11-20 16:35 - 2023-11-20 16:35 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-11-20 16:35 - 2023-11-20 16:35 - 000000000 ____D C:\Users\danha\AppData\Local\Mozilla
2023-11-18 13:32 - 2023-11-18 13:35 - 000000000 ____D C:\Users\danha\Desktop\klavesnice
2023-11-16 22:13 - 2023-11-16 22:13 - 000000000 ____D C:\Users\danha\AppData\LocalLow\Jumpship
2023-11-16 19:46 - 2023-11-16 19:46 - 000000000 ____D C:\Users\danha\Desktop\poker
2023-11-15 21:42 - 2023-11-15 21:45 - 000000000 ____D C:\Users\danha\Desktop\Letaky
2023-11-14 12:04 - 2023-11-14 12:04 - 000254344 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000215616 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000124168 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000120032 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000081824 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2023-11-14 12:04 - 2023-11-14 12:04 - 000055528 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2023-11-13 15:18 - 2023-11-25 16:09 - 000000000 ____D C:\Users\danha\AppData\Local\nhAsusStrix1.1.23
2023-11-13 15:17 - 2023-11-13 15:17 - 000003278 _____ C:\Windows\system32\Tasks\nhAsusStrixUILauncherRun
2023-11-13 15:17 - 2023-11-13 15:17 - 000003266 _____ C:\Windows\system32\Tasks\nhAsusStrixSvc64Run
2023-11-13 15:17 - 2023-11-13 15:17 - 000003258 _____ C:\Windows\system32\Tasks\nhAsusStrixSvc32Run
2023-11-13 15:17 - 2023-11-13 15:17 - 000000000 ____D C:\Program Files\ASUSTeKcomputer.Inc
2023-11-12 19:42 - 2023-11-12 19:42 - 000000000 ____D C:\Users\danha\AppData\Local\MG3
2023-11-12 03:16 - 2023-11-12 03:16 - 000000223 _____ C:\Users\danha\Desktop\Seen.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-12-07 17:48 - 2023-08-24 18:18 - 000000000 ____D C:\Program Files (x86)\Steam
2023-12-07 17:39 - 2023-08-24 17:15 - 000000000 ____D C:\Users\danha\AppData\Local\D3DSCache
2023-12-07 17:39 - 2023-08-24 17:04 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-12-07 17:39 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-07 17:38 - 2023-08-24 21:02 - 000000000 ____D C:\Users\danha\AppData\Roaming\qBittorrent
2023-12-07 17:11 - 2023-08-24 18:24 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-07 17:06 - 2023-08-24 17:39 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-07 17:06 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2023-12-07 16:55 - 2023-08-25 19:34 - 000000000 ____D C:\Users\danha\AppData\Roaming\discord
2023-12-07 16:04 - 2023-08-25 19:34 - 000002231 _____ C:\Users\danha\Desktop\Discord.lnk
2023-12-07 16:04 - 2023-08-25 19:34 - 000000000 ____D C:\Users\danha\AppData\Local\Discord
2023-12-07 16:01 - 2023-08-24 17:12 - 000000000 ____D C:\ProgramData\NVIDIA
2023-12-07 15:43 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2023-12-07 14:19 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2023-12-07 07:11 - 2023-09-04 23:36 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-07 07:11 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-07 07:03 - 2023-08-24 17:15 - 000000000 ____D C:\Users\danha\AppData\Local\Packages
2023-12-07 07:03 - 2023-08-24 17:06 - 000000000 ____D C:\ProgramData\Packages
2023-12-07 07:03 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-06 21:01 - 2023-08-24 17:39 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}
2023-12-06 21:01 - 2023-08-24 17:39 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}
2023-12-06 16:06 - 2023-08-25 13:18 - 000000000 ____D C:\Users\danha\AppData\Roaming\EasyAntiCheat
2023-12-06 06:29 - 2023-08-24 17:14 - 001629566 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-06 06:22 - 2023-08-24 17:04 - 000901328 _____ () C:\Windows\system32\wpbbin.exe
2023-12-06 06:22 - 2023-08-24 17:04 - 000845256 _____ C:\Windows\system32\AsusUpdateCheck.exe
2023-12-06 06:22 - 2023-08-24 17:04 - 000012288 ___SH C:\DumpStack.log.tmp
2023-12-06 06:22 - 2023-08-24 17:04 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-06 06:21 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2023-12-06 01:02 - 2023-08-24 17:13 - 000000000 ____D C:\Users\danha
2023-12-05 18:45 - 2023-08-24 17:17 - 000000000 ____D C:\Users\danha\AppData\Local\NVIDIA
2023-12-05 06:43 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-05 06:27 - 2023-08-24 17:04 - 000332520 _____ C:\Windows\system32\FNTCACHE.DAT
2023-12-05 06:27 - 2022-05-07 11:14 - 000000000 ____D C:\Windows\InboxApps
2023-12-05 06:27 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-12-05 06:27 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2023-12-05 06:27 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2023-12-05 06:04 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2023-12-05 05:22 - 2023-08-24 17:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-05 05:22 - 2023-08-24 17:04 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-12-04 20:02 - 2023-10-23 19:50 - 000000000 ____D C:\Users\danha\Desktop\bazos
2023-12-03 10:34 - 2023-10-07 08:29 - 000000000 ____D C:\Windows\Minidump
2023-12-02 17:25 - 2023-09-11 11:39 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2023-12-02 14:28 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-12-02 14:26 - 2023-11-02 08:03 - 000000000 ____D C:\Program Files\Bitdefender
2023-12-02 14:26 - 2023-08-24 18:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-12-02 14:25 - 2023-11-02 08:03 - 000000000 ____D C:\ProgramData\Bitdefender
2023-12-02 14:25 - 2022-05-07 06:17 - 000065536 _____ C:\Windows\system32\config\ELAM
2023-12-02 14:12 - 2023-09-11 08:50 - 000000000 ____D C:\Users\danha\AppData\Local\PokerStars.CZ
2023-12-01 16:58 - 2023-08-27 16:38 - 000000000 ___HD C:\Windows\msdownld.tmp
2023-12-01 16:58 - 2023-08-27 16:38 - 000000000 ____D C:\Windows\SysWOW64\directx
2023-12-01 09:27 - 2023-08-24 17:32 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-01 08:11 - 2023-08-24 18:01 - 000000000 ____D C:\Users\danha\AppData\Local\CrashDumps
2023-12-01 01:38 - 2023-08-24 18:31 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2023-12-01 01:02 - 2023-08-24 17:39 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-01 01:02 - 2023-08-24 17:39 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-11-30 14:30 - 2023-08-24 18:24 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-30 10:07 - 2023-10-31 22:02 - 000958496 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2023-11-30 10:04 - 2023-08-24 17:47 - 006745776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2023-11-30 10:04 - 2023-08-24 17:12 - 007869664 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2023-11-27 16:14 - 2023-11-02 11:19 - 000000000 ____D C:\Users\danha\AppData\Roaming\AIMP
2023-11-23 19:20 - 2023-09-18 14:19 - 000000000 ____D C:\Program Files\Hand2Note4
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2023-11-23 11:56 - 2023-08-24 18:06 - 000000000 ____D C:\Program Files\WinRAR
2023-11-21 13:32 - 2023-08-24 17:17 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1398007894-2651273048-4200034700-1001
2023-11-21 13:32 - 2023-08-24 17:17 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1398007894-2651273048-4200034700-1001
2023-11-21 13:32 - 2023-08-24 17:17 - 000002381 _____ C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-20 16:35 - 2023-08-24 18:24 - 000000000 ____D C:\Users\danha\AppData\Roaming\Mozilla
2023-11-17 18:06 - 2023-10-26 22:25 - 000000000 ____D C:\Users\danha\Desktop\mp3
2023-11-16 22:12 - 2023-08-24 18:19 - 000000000 ____D C:\Users\danha\AppData\Local\Steam
2023-11-15 19:50 - 2023-08-24 17:24 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 19:49 - 2023-08-24 17:24 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-11-15 16:57 - 2023-08-24 17:06 - 003212800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-15 12:16 - 2023-09-02 20:20 - 000000000 ____D C:\Users\danha\Desktop\obrazky
2023-11-14 17:36 - 2023-08-24 17:51 - 000001447 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2023-11-14 17:36 - 2023-08-24 17:50 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-11-14 17:36 - 2023-08-24 17:50 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2023-11-14 17:36 - 2023-08-24 17:12 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2023-11-14 17:36 - 2023-08-24 17:12 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-11-12 19:42 - 2023-08-24 18:19 - 000000000 ____D C:\Users\danha\AppData\Local\UnrealEngine
2023-11-10 03:02 - 2023-08-24 21:05 - 000001018 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2023-11-10 01:30 - 2023-08-24 17:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-09 21:27 - 2023-10-15 16:36 - 000000000 ____D C:\Users\danha\Desktop\pokerstars nastaveni clienta
==================== Files in the root of some directories ========
2023-11-23 12:13 - 2023-11-23 12:13 - 000000218 _____ () C:\Users\danha\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
kontrola logu prosim obcas se zasekava pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
Zdravím!
Dal jste 2x log FRST, Addition chybí. Prosím o něj, je v souboru additon.txt. Děkuji.
Dal jste 2x log FRST, Addition chybí. Prosím o něj, je v souboru additon.txt. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu prosim obcas se zasekava pc
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2023
Ran by danha (07-12-2023 17:51:01)
Running from C:\Users\danha\Desktop\logtest program
Microsoft Windows 11 Pro Version 23H2 22631.2792 (X64) (2023-08-24 16:05:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1398007894-2651273048-4200034700-500 - Administrator - Disabled)
danha (S-1-5-21-1398007894-2651273048-4200034700-1001 - Administrator - Enabled) => C:\Users\danha
DefaultAccount (S-1-5-21-1398007894-2651273048-4200034700-503 - Limited - Disabled)
Guest (S-1-5-21-1398007894-2651273048-4200034700-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1398007894-2651273048-4200034700-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.01.10 - ASUSTeK Computer Inc.)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 22.11.0004 - Bloody)
Citra (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\{59bc67d2-5a0e-4773-a1d3-88a177e2feed}) (Version: 1.0.0 - Citra Team)
CPUID HWMonitor 1.51 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.51 - CPUID, Inc.)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
Discord (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
Disk Google (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\711b8361c4ce9458dab581e2398472e9) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\bed8d1fc9166cc4cb35857a695bfd097) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\90bbfe368d207ae70caa9c20fb49b5c5) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\ca8d4a748936be8450cd3b23ef6f4e0a) (Version: 1.0 - Google\Chrome)
Dolby Digital Live Pack version 4.02.00 (HKLM-x32\...\DDLMaster_is1) (Version: 4.02.00 - Creative Technology Ltd.)
DTS Connect Pack version 2.02.00 (HKLM-x32\...\DTSMaster_is1) (Version: 2.02.00 - Creative Technology Ltd.)
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{B5798854-224A-40DB-A3B7-BECF8F838238}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 23.09.15.01 - GIGABYTE)
GBT_RGB_Sync_Control 23.09.19.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 23.09.19.01 - GIGABYTE)
GBT_VGA 23.09.27.01 (HKLM\...\GBT_VGA) (Version: 23.09.27.01 - GIGABYTE)
GIGABYTE Control Center 23.09.28.01 (HKLM\...\GIGABYTE Control Center) (Version: 23.09.28.01 - GIGABYTE)
Gmail (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\f7d0c75cca42459715f1992f955aacc4) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\fa37f3236b1c042168241eae63529e36) (Version: 1.0 - Google\Chrome)
GMenu (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\4ac46a8d-c0d4-56ee-87f3-9abd4ce22e7f) (Version: 3.5.14 - AOC)
Google Chrome (HKLM\...\{AF6B5562-CA1D-3412-BCA6-BA5CD1E73EAF}) (Version: 119.0.6045.200 - Google LLC)
Hand2Note4 (HKLM\...\{7ABEFDCB-DDF1-4B2A-BA90-6C3C84B44CCE}) (Version: 4.0.0.127 - Hand2Note)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.03 - Creative Technology Limited)
HWiNFO64 Version 7.60 (HKLM\...\HWiNFO64_is1) (Version: 7.60 - Martin Malik, REALiX s.r.o.)
Intel(R) PresentMon (HKLM\...\{0ED66D61-2064-4338-B5DE-3BBFC32E40AD}) (Version: 0.6.0.0 - Intel(R) Corporation)
Java 8 Update 391 (64-bit) (HKLM\...\{71324AE4-039E-4CA4-87B4-2F64180391F0}) (Version: 8.0.3910.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{C0100F28-7066-3085-A999-1B6A227E4AC5}) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{10B89C4E-2660-4746-AD74-18C3BD27D929}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{25d3cc26-2a8e-4175-be20-a3a0c7b08676}) (Version: 7.0.5.32327 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 120.0.1 (x64 cs)) (Version: 120.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.5.1 (x64 cs)) (Version: 115.5.1 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 546.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 231109 - Kakao Corp.)
Prezentace (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\15de277c8466e3e946d34723ef88da60) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\2cb47850f6af3054f8680cc9dfceb268) (Version: 1.0 - Google\Chrome)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.2 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.15.0715.2023 - Realtek)
Sound Blaster AE-Series Driver (HKLM-x32\...\AESeries_is1) (Version: 1.0.01.06 - Creative Technology Ltd.)
Sound Blaster Command version 3.5.09.00 (HKLM-x32\...\Sound Blaster Command_is1) (Version: 3.5.09.00 - Creative Technology Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario 3D World... (HKLM-x32\...\Super Mario 3D World..._is1) (Version: - )
Super Mario Odyssey (HKLM-x32\...\Super Mario Odyssey_is1) (Version: - )
Tabulky (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\2e7312ac49d10c4809f4d1e3339af2b0) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\f7d3f49d343a79477465f9e66642ad02) (Version: 1.0 - Google\Chrome)
The Plane Effect (HKLM-x32\...\The Plane Effect_is1) (Version: - )
Trine 5 (HKLM-x32\...\1804557033_is1) (Version: 1.0 - GOG.com)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wise Auto Shutdown (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 2.0.5 - Lespeed Technology Co., Ltd)
YouTube (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\39233f2a843f220a7d6560eb9a247bff) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\dae31a7a25c6e052a60175d47ba40cbd) (Version: 1.0 - Google\Chrome)
Packages:
=========
Beautiful Norway -> C:\Program Files\WindowsApps\Microsoft.BeautifulNorway_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Color Explosion -> C:\Program Files\WindowsApps\Microsoft.ColorExplosion_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Community Showcase Natural Landscapes 2 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes2_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.700.323.0_x64__8wekyb3d8bbwe [2023-11-24] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2023-12-06] (Sparse Package)
Forest for the Trees -> C:\Program Files\WindowsApps\Microsoft.ForestfortheTrees_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-12-05] (Instagram)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Lakeside Vistas -> C:\Program Files\WindowsApps\Microsoft.LakesideVistas_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Lightning Strikes -> C:\Program Files\WindowsApps\Microsoft.LightningStrikes_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-05] (Microsoft Corporation)
Mountain Dwellings -> C:\Program Files\WindowsApps\Microsoft.MountainDwellings_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-14] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1101.300_x64__8wekyb3d8bbwe [2023-11-17] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-10] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-27] (Spotify AB) [Startup Task]
Swimming Holes -> C:\Program Files\WindowsApps\Microsoft.SwimmingHoles_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
The Northern Lights -> C:\Program Files\WindowsApps\Microsoft.TheNorthernLights_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Waterfall Tour -> C:\Program Files\WindowsApps\Microsoft.WaterfallTour_1.1.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-05] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-11-23] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Soft\AIMP\System\aimp_menu64.dll [2023-11-02] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Soft\AIMP\System\aimp_menu64.dll [2023-11-02] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\nvshext.dll [2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2023-08-24 18:09 - 2021-10-13 13:47 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2023-08-24 18:10 - 2021-10-22 10:10 - 000888320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2023-08-24 18:10 - 2021-10-22 10:09 - 000999424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2023-08-24 18:10 - 2021-10-22 10:11 - 000992768 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2023-08-24 18:10 - 2021-10-22 10:12 - 000956416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2023-08-24 18:10 - 2021-10-13 13:56 - 001065472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2023-08-25 10:42 - 2017-04-17 03:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2023-08-24 18:10 - 2021-10-13 13:56 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2023-08-24 17:32 - 2020-08-24 06:52 - 000158208 _____ (Creative Lab Pte Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\ClplLEDController.dll
2023-08-24 17:32 - 2020-03-05 04:08 - 000565248 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTAudEp.dll
2023-08-24 17:32 - 2020-07-21 07:49 - 002087424 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTCDC.dll
2023-08-24 17:32 - 2020-08-24 06:52 - 001830912 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTDrvLedMgr.dll
2023-08-24 17:32 - 2021-07-21 00:26 - 000124416 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHID.dll
2023-08-24 17:32 - 2021-07-21 00:26 - 000587776 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHIDRpA.dll
2023-08-24 17:32 - 2018-10-23 00:25 - 000098304 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTIntrfu.dll
2023-08-24 17:32 - 2018-08-16 02:33 - 001878528 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\MalLgcy.dll
2023-08-24 17:32 - 2022-05-05 05:27 - 000141312 _____ (Creative Technology Ltd.) [File not signed] [File is in use] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\Creative.Platform.PropStore.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7580]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Program Files\Intel\PresentMon\PresentMonApplication\
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_739984D67ED48D532AB489E0D9A494F2"
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E55C077B-32A6-479E-AE00-DEE53BB4AD83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9286C627-D99A-4C02-90F7-EAD704E8616D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F4A979D-AA18-40C1-BF74-3448A9043C4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3573BA08-E1D8-42EC-9A94-6E8E36E070F4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DCE3F06E-F517-4C12-A7A1-EC32E0F34526}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C6D2A28-6B8E-4979-A63C-D8387E7B9F0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{839A510B-F206-4B24-9C5E-D972C1782374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{25C22600-DF29-4137-B2FA-639DD24F31BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{6C495A8F-5593-429E-A086-B4B9DC7E3562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grip\Grip.exe (CAGED ELEMENT INC. -> )
FirewallRules: [{D1D24F8E-3ED8-49F4-8B49-F7BD7F417FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grip\Grip.exe (CAGED ELEMENT INC. -> )
FirewallRules: [{ABAEEA6A-78B3-4156-8A83-52268B729B3C}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{47774254-8F3B-4EDD-8328-CFF023D1BDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{158592B0-E3AF-4359-9C5A-F30E20BD5F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{9068B8B0-0276-49CC-AF9E-0D880144655C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Underground\game.exe (The NW.js Community) [File not signed]
FirewallRules: [{0E702091-F30C-4B51-92AF-9BDA05488C2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Underground\game.exe (The NW.js Community) [File not signed]
FirewallRules: [{A8DC6163-FBA9-42A5-808B-F259B13C53A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Kave Adventure\JetKaveAdventure.exe () [File not signed]
FirewallRules: [{27237613-69EC-4B26-87C0-CCACD0C76C53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Kave Adventure\JetKaveAdventure.exe () [File not signed]
FirewallRules: [{08B2AADE-6E99-4680-AAED-5C5047EEBB80}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{47B5C4A5-774F-4576-B936-CAFC056A6E13}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DC49B7A0-E73C-45ED-8DBA-7D5FD3017739}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{4D2BA02D-61A3-4782-98FD-337BED29839A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{8DDCFADF-ACCF-42E3-AB0C-2612633655F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{8094CB3C-B72B-4154-A467-2AD92B587623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seen\MG3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B9BEDEB7-946C-4C49-846B-98B9F50FC389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seen\MG3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{50CA4423-F5B7-4FE6-92A2-F0D6D47C52A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{63150D7B-EC3B-4D57-B422-ABE816AC594C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F8C683F-79DB-4AFB-9CB1-FF7FF3CEB715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F705C299-5DEF-46E1-8CEF-B3427BDFA716}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8992B10E-8086-44E5-8712-D7BB42368BFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{15204606-F27E-48CE-89F3-5D5FC69095CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{133D313B-8839-4F42-A5F4-09BD5DBD748E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{2F991506-3849-4F97-A1BB-D07E4183E5A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{B85A8994-95D3-4DDC-9A7B-B3CD4F6823A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6B36661-00FF-4E75-AFAD-13E1530F0952}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF1592BB-565F-4F9A-89E5-B25C4E24DE7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A5DC0CB9-935C-4747-A852-338DD33A9D6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AAC6E30-8E71-456C-B3C0-E6C8C78AE084}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01B386D9-AF1C-4E30-9874-D96FB0402131}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C04F003E-93C8-4DA6-A427-A3DD11F4B9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{34ED2787-CEBC-4B2B-8706-A96420D37A1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{72CC9ACC-9505-429A-B839-310D635F5B98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A18B2655-DCDB-44EE-9F9D-871A6C89DB93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DB91A952-962E-413D-955D-195EECD36DEB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{F483CEFF-9F87-4EF4-90E9-854E6A03F407}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{9ECDBC0A-5B2E-48DB-93A0-CF3818B85471}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C5EF517-A84A-42BD-BED5-D458A011AC53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AAB7A4BA-1DDE-4D82-8E8D-DBC22D43C453}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFB84A4D-3A87-44F4-BBB6-DE7A19B60CEB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
01-12-2023 09:26:50 ASUS STRIX SOUNDCARD SERIES AUDIO DEVICE
05-12-2023 06:00:55 Windows Update
==================== Faulty Device Manager Devices ============
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: MediaTek Bluetooth Adapter
Description: MediaTek Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Mediatek Inc.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/07/2023 05:20:06 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.22621.1, časové razítko: 0x3b1bcc5b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffb0f07200f
ID chybujícího procesu: 0x0x14d8
Čas spuštění chybující aplikace: 0x0x1da29293d0b89d1
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: aa0fec1e-b1ea-4906-b944-a7a7377bbd71
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/07/2023 05:20:05 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (12/05/2023 06:28:12 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 7144, identifikátor PID ProfSvc: 2400.
Error: (12/05/2023 06:28:12 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 7144, identifikátor PID ProfSvc: 2400.
Error: (12/03/2023 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.22621.1, časové razítko: 0x3b1bcc5b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffbfdb8200f
ID chybujícího procesu: 0x0x5fc
Čas spuštění chybující aplikace: 0x0x1da25ca95c1ce4d
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1389b18d-6e95-4d67-999e-cbb6de620a82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/06/2023 06:06:37 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/05/2023 06:45:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (12/05/2023 06:45:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (12/05/2023 11:54:03 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/05/2023 11:48:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:07:38, 05.12.2023) bylo neočekávané.
Error: (12/05/2023 06:29:58 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/04/2023 06:55:29 PM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/04/2023 07:19:22 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-10-19 14:37:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF9E58BB-633B-484E-A185-C48DD9653E06}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: cislocz\danha
Date: 2023-10-19 14:28:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {61B9313B-8955-420F-8341-D31566127054}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-12-02 14:26:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.401.1546.0
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.401.1546.0
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:08
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.
Date: 2023-12-02 14:26:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.
CodeIntegrity:
===============
Date: 2023-12-07 17:20:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3202 06/15/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS WIFI II
Processor: AMD Ryzen 5 5600 6-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 32674.57 MB
Available physical RAM: 23978.01 MB
Total Virtual: 34722.57 MB
Available Virtual: 23142.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.74 GB) (Free:465.89 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:234.57 GB) (Model: Samsung SSD 980 500GB) NTFS
Drive e: () (Fixed) (Total:223.57 GB) (Free:10.98 GB) (Model: CT240BX200SSD1) NTFS
\\?\Volume{941e9bc3-cdf8-4e1a-9214-2b79a7b015a5}\ () (Fixed) (Total:0.66 GB) (Free:0.08 GB) NTFS
\\?\Volume{19677de0-7412-4740-b8a9-65ad2d81ec92}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1E87112C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 58F7D0A2)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E2614BDC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by danha (07-12-2023 17:51:01)
Running from C:\Users\danha\Desktop\logtest program
Microsoft Windows 11 Pro Version 23H2 22631.2792 (X64) (2023-08-24 16:05:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1398007894-2651273048-4200034700-500 - Administrator - Disabled)
danha (S-1-5-21-1398007894-2651273048-4200034700-1001 - Administrator - Enabled) => C:\Users\danha
DefaultAccount (S-1-5-21-1398007894-2651273048-4200034700-503 - Limited - Disabled)
Guest (S-1-5-21-1398007894-2651273048-4200034700-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1398007894-2651273048-4200034700-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 23.01 (x64) (HKLM\...\7-Zip) (Version: 23.01 - Igor Pavlov)
AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 3.01.10 - ASUSTeK Computer Inc.)
Bloody7 (HKLM-x32\...\Bloody3) (Version: 22.11.0004 - Bloody)
Citra (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\{59bc67d2-5a0e-4773-a1d3-88a177e2feed}) (Version: 1.0.0 - Citra Team)
CPUID HWMonitor 1.51 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.51 - CPUID, Inc.)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
CrystalDiskInfo 9.1.1 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.1.1 - Crystal Dew World)
CrystalDiskMark 8.0.4c (HKLM\...\CrystalDiskMark8_is1) (Version: 8.0.4c - Crystal Dew World)
Discord (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\Discord) (Version: 1.0.9016 - Discord Inc.)
Disk Google (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\711b8361c4ce9458dab581e2398472e9) (Version: 1.0 - Google\Chrome)
Disk Google (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\bed8d1fc9166cc4cb35857a695bfd097) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\90bbfe368d207ae70caa9c20fb49b5c5) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\ca8d4a748936be8450cd3b23ef6f4e0a) (Version: 1.0 - Google\Chrome)
Dolby Digital Live Pack version 4.02.00 (HKLM-x32\...\DDLMaster_is1) (Version: 4.02.00 - Creative Technology Ltd.)
DTS Connect Pack version 2.02.00 (HKLM-x32\...\DTSMaster_is1) (Version: 2.02.00 - Creative Technology Ltd.)
Epic Games Launcher (HKLM-x32\...\{AEB35C6C-B6D4-4AA0-8452-DE699737B5F6}) (Version: 1.3.82.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{35905844-0610-427D-86A0-2103FABE3D4D}) (Version: 2.0.42.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{B5798854-224A-40DB-A3B7-BECF8F838238}) (Version: 17.0.15.0 - ESET, spol. s r.o.)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 23.09.15.01 - GIGABYTE)
GBT_RGB_Sync_Control 23.09.19.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 23.09.19.01 - GIGABYTE)
GBT_VGA 23.09.27.01 (HKLM\...\GBT_VGA) (Version: 23.09.27.01 - GIGABYTE)
GIGABYTE Control Center 23.09.28.01 (HKLM\...\GIGABYTE Control Center) (Version: 23.09.28.01 - GIGABYTE)
Gmail (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\f7d0c75cca42459715f1992f955aacc4) (Version: 1.0 - Google\Chrome)
Gmail (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\fa37f3236b1c042168241eae63529e36) (Version: 1.0 - Google\Chrome)
GMenu (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\4ac46a8d-c0d4-56ee-87f3-9abd4ce22e7f) (Version: 3.5.14 - AOC)
Google Chrome (HKLM\...\{AF6B5562-CA1D-3412-BCA6-BA5CD1E73EAF}) (Version: 119.0.6045.200 - Google LLC)
Hand2Note4 (HKLM\...\{7ABEFDCB-DDF1-4B2A-BA90-6C3C84B44CCE}) (Version: 4.0.0.127 - Hand2Note)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 2.03 - Creative Technology Limited)
HWiNFO64 Version 7.60 (HKLM\...\HWiNFO64_is1) (Version: 7.60 - Martin Malik, REALiX s.r.o.)
Intel(R) PresentMon (HKLM\...\{0ED66D61-2064-4338-B5DE-3BBFC32E40AD}) (Version: 0.6.0.0 - Intel(R) Corporation)
Java 8 Update 391 (64-bit) (HKLM\...\{71324AE4-039E-4CA4-87B4-2F64180391F0}) (Version: 8.0.3910.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 7.0.5 (x64) (HKLM\...\{CE8DF750-A582-4D59-A610-478A752481B1}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.5 (x86) (HKLM-x32\...\{2F933E6C-13D1-4886-99EB-05ED0C42885B}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x64) (HKLM\...\{B6F2958F-0F6F-4CCD-867F-80EC5C333B79}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.5 (x86) (HKLM-x32\...\{E3B06B8A-7FA4-4421-8A96-8503B2669F50}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x64) (HKLM\...\{793FCD19-00AC-4804-B569-782DF3B24A39}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.5 (x86) (HKLM-x32\...\{23D1DA1E-5CBC-4990-BB53-5974E8D0AB3A}) (Version: 56.23.58437 - Microsoft Corporation) Hidden
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17029.20068 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\{C0100F28-7066-3085-A999-1B6A227E4AC5}) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 119.0.2151.97 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\OneDriveSetup.exe) (Version: 23.226.1031.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM\...\{109506AF-BF9E-43E1-87F3-3141B9C3F6BA}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x64) (HKLM-x32\...\{c7984cd8-d837-4988-a30d-8da7822bc716}) (Version: 7.0.5.32327 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{10B89C4E-2660-4746-AD74-18C3BD27D929}) (Version: 56.23.58485 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.5 (x86) (HKLM-x32\...\{25d3cc26-2a8e-4175-be20-a3a0c7b08676}) (Version: 7.0.5.32327 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 120.0.1 (x64 cs)) (Version: 120.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 119.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 115.5.1 (x64 cs)) (Version: 115.5.1 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 546.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 546.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20000 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17029.20068 - Microsoft Corporation) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 231109 - Kakao Corp.)
Prezentace (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\15de277c8466e3e946d34723ef88da60) (Version: 1.0 - Google\Chrome)
Prezentace (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\2cb47850f6af3054f8680cc9dfceb268) (Version: 1.0 - Google\Chrome)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.6.2 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.15.0715.2023 - Realtek)
Sound Blaster AE-Series Driver (HKLM-x32\...\AESeries_is1) (Version: 1.0.01.06 - Creative Technology Ltd.)
Sound Blaster Command version 3.5.09.00 (HKLM-x32\...\Sound Blaster Command_is1) (Version: 3.5.09.00 - Creative Technology Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario 3D World... (HKLM-x32\...\Super Mario 3D World..._is1) (Version: - )
Super Mario Odyssey (HKLM-x32\...\Super Mario Odyssey_is1) (Version: - )
Tabulky (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\2e7312ac49d10c4809f4d1e3339af2b0) (Version: 1.0 - Google\Chrome)
Tabulky (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\f7d3f49d343a79477465f9e66642ad02) (Version: 1.0 - Google\Chrome)
The Plane Effect (HKLM-x32\...\The Plane Effect_is1) (Version: - )
Trine 5 (HKLM-x32\...\1804557033_is1) (Version: 1.0 - GOG.com)
WinRAR 6.24 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.24.0 - win.rar GmbH)
Wise Auto Shutdown (HKLM-x32\...\Wise Auto Shutdown_is1) (Version: 2.0.5 - Lespeed Technology Co., Ltd)
YouTube (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\39233f2a843f220a7d6560eb9a247bff) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\dae31a7a25c6e052a60175d47ba40cbd) (Version: 1.0 - Google\Chrome)
Packages:
=========
Beautiful Norway -> C:\Program Files\WindowsApps\Microsoft.BeautifulNorway_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Color Explosion -> C:\Program Files\WindowsApps\Microsoft.ColorExplosion_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Community Showcase Natural Landscapes 2 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes2_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Dev Home -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.700.323.0_x64__8wekyb3d8bbwe [2023-11-24] (Microsoft Corporation)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2023-12-06] (Sparse Package)
Forest for the Trees -> C:\Program Files\WindowsApps\Microsoft.ForestfortheTrees_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.21.0_neutral__8xx8rvfyw5nnt [2023-12-05] (Instagram)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Lakeside Vistas -> C:\Program Files\WindowsApps\Microsoft.LakesideVistas_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Lightning Strikes -> C:\Program Files\WindowsApps\Microsoft.LightningStrikes_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Microsoft.WindowsAppRuntime.CBS -> C:\Windows\SystemApps\Microsoft.WindowsAppRuntime.CBS_8wekyb3d8bbwe [2023-12-05] (Microsoft Corporation)
Mountain Dwellings -> C:\Program Files\WindowsApps\Microsoft.MountainDwellings_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-11-14] (NVIDIA Corp.)
Outlook for Windows -> C:\Program Files\WindowsApps\Microsoft.OutlookForWindows_1.2023.1101.300_x64__8wekyb3d8bbwe [2023-11-17] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.18.11020.0_x64__8wekyb3d8bbwe [2023-11-10] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0 [2023-11-27] (Spotify AB) [Startup Task]
Swimming Holes -> C:\Program Files\WindowsApps\Microsoft.SwimmingHoles_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
The Northern Lights -> C:\Program Files\WindowsApps\Microsoft.TheNorthernLights_1.0.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Waterfall Tour -> C:\Program Files\WindowsApps\Microsoft.WaterfallTour_1.1.0.0_neutral__8wekyb3d8bbwe [2023-09-01] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\Windows\SystemApps\MicrosoftWindows.Client.FileExp_cw5n1h2txyewy [2023-12-05] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2023-11-23] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Soft\AIMP\System\aimp_menu64.dll [2023-11-02] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => D:\Soft\AIMP\System\aimp_menu64.dll [2023-11-02] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_31dab972145ae5a9\nvshext.dll [2023-11-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-06-20] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-11-14] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\danha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2023-08-24 18:09 - 2021-10-13 13:47 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2023-08-24 18:10 - 2021-10-22 10:10 - 000888320 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2023-08-24 18:10 - 2021-10-22 10:09 - 000999424 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2023-08-24 18:10 - 2021-10-22 10:11 - 000992768 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2023-08-24 18:10 - 2021-10-22 10:12 - 000956416 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2023-08-24 18:10 - 2021-10-13 13:56 - 001065472 _____ () [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FanInfofromProtocol.dll
2023-08-25 10:42 - 2017-04-17 03:43 - 003852800 _____ () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000108544 _____ (ASUS) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsAcpi.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000676864 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\asacpiEx.dll
2023-08-24 18:09 - 2021-10-13 13:47 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\AsMultiLang.dll
2023-08-24 18:10 - 2021-10-13 13:56 - 000221184 _____ (ASUSTeK Computer Inc.) [File not signed] C:\Program Files (x86)\ASUS\AI Suite III\DIP4\AsMultiLang.dll
2023-08-24 17:32 - 2020-08-24 06:52 - 000158208 _____ (Creative Lab Pte Ltd.) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\ClplLEDController.dll
2023-08-24 17:32 - 2020-03-05 04:08 - 000565248 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTAudEp.dll
2023-08-24 17:32 - 2020-07-21 07:49 - 002087424 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTCDC.dll
2023-08-24 17:32 - 2020-08-24 06:52 - 001830912 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTDrvLedMgr.dll
2023-08-24 17:32 - 2021-07-21 00:26 - 000124416 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHID.dll
2023-08-24 17:32 - 2021-07-21 00:26 - 000587776 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTHIDRpA.dll
2023-08-24 17:32 - 2018-10-23 00:25 - 000098304 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\CTIntrfu.dll
2023-08-24 17:32 - 2018-08-16 02:33 - 001878528 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\MalLgcy.dll
2023-08-24 17:32 - 2022-05-05 05:27 - 000141312 _____ (Creative Technology Ltd.) [File not signed] [File is in use] C:\Program Files (x86)\Creative\Sound Blaster Command\Platform\Creative.Platform.PropStore.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7580]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 ____N C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Program Files\Intel\PresentMon\PresentMonApplication\
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\danha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_739984D67ED48D532AB489E0D9A494F2"
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E55C077B-32A6-479E-AE00-DEE53BB4AD83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9286C627-D99A-4C02-90F7-EAD704E8616D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F4A979D-AA18-40C1-BF74-3448A9043C4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3573BA08-E1D8-42EC-9A94-6E8E36E070F4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DCE3F06E-F517-4C12-A7A1-EC32E0F34526}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1C6D2A28-6B8E-4979-A63C-D8387E7B9F0A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{839A510B-F206-4B24-9C5E-D972C1782374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{25C22600-DF29-4137-B2FA-639DD24F31BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve Corp. -> )
FirewallRules: [{6C495A8F-5593-429E-A086-B4B9DC7E3562}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grip\Grip.exe (CAGED ELEMENT INC. -> )
FirewallRules: [{D1D24F8E-3ED8-49F4-8B49-F7BD7F417FDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grip\Grip.exe (CAGED ELEMENT INC. -> )
FirewallRules: [{ABAEEA6A-78B3-4156-8A83-52268B729B3C}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{47774254-8F3B-4EDD-8328-CFF023D1BDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{158592B0-E3AF-4359-9C5A-F30E20BD5F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{9068B8B0-0276-49CC-AF9E-0D880144655C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Underground\game.exe (The NW.js Community) [File not signed]
FirewallRules: [{0E702091-F30C-4B51-92AF-9BDA05488C2F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Escape Underground\game.exe (The NW.js Community) [File not signed]
FirewallRules: [{A8DC6163-FBA9-42A5-808B-F259B13C53A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Kave Adventure\JetKaveAdventure.exe () [File not signed]
FirewallRules: [{27237613-69EC-4B26-87C0-CCACD0C76C53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jet Kave Adventure\JetKaveAdventure.exe () [File not signed]
FirewallRules: [{08B2AADE-6E99-4680-AAED-5C5047EEBB80}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{47B5C4A5-774F-4576-B936-CAFC056A6E13}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{DC49B7A0-E73C-45ED-8DBA-7D5FD3017739}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{4D2BA02D-61A3-4782-98FD-337BED29839A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{8DDCFADF-ACCF-42E3-AB0C-2612633655F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Finals Playtest\Discovery.exe (Embark Studios AB -> )
FirewallRules: [{8094CB3C-B72B-4154-A467-2AD92B587623}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seen\MG3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{B9BEDEB7-946C-4C49-846B-98B9F50FC389}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Seen\MG3.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{50CA4423-F5B7-4FE6-92A2-F0D6D47C52A5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{63150D7B-EC3B-4D57-B422-ABE816AC594C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4F8C683F-79DB-4AFB-9CB1-FF7FF3CEB715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F705C299-5DEF-46E1-8CEF-B3427BDFA716}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8992B10E-8086-44E5-8712-D7BB42368BFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{15204606-F27E-48CE-89F3-5D5FC69095CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{133D313B-8839-4F42-A5F4-09BD5DBD748E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{2F991506-3849-4F97-A1BB-D07E4183E5A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Northgard\Northgard.exe () [File not signed]
FirewallRules: [{B85A8994-95D3-4DDC-9A7B-B3CD4F6823A4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6B36661-00FF-4E75-AFAD-13E1530F0952}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF1592BB-565F-4F9A-89E5-B25C4E24DE7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A5DC0CB9-935C-4747-A852-338DD33A9D6D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8AAC6E30-8E71-456C-B3C0-E6C8C78AE084}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01B386D9-AF1C-4E30-9874-D96FB0402131}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C04F003E-93C8-4DA6-A427-A3DD11F4B9E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{34ED2787-CEBC-4B2B-8706-A96420D37A1C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{72CC9ACC-9505-429A-B839-310D635F5B98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A18B2655-DCDB-44EE-9F9D-871A6C89DB93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.225.1011.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DB91A952-962E-413D-955D-195EECD36DEB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{F483CEFF-9F87-4EF4-90E9-854E6A03F407}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{9ECDBC0A-5B2E-48DB-93A0-CF3818B85471}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C5EF517-A84A-42BD-BED5-D458A011AC53}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\119.0.2151.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AAB7A4BA-1DDE-4D82-8E8D-DBC22D43C453}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFB84A4D-3A87-44F4-BBB6-DE7A19B60CEB}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23306.3309.2530.1346_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
01-12-2023 09:26:50 ASUS STRIX SOUNDCARD SERIES AUDIO DEVICE
05-12-2023 06:00:55 Windows Update
==================== Faulty Device Manager Devices ============
Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: MediaTek Bluetooth Adapter
Description: MediaTek Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Mediatek Inc.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (12/07/2023 05:20:06 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.22621.1, časové razítko: 0x3b1bcc5b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffb0f07200f
ID chybujícího procesu: 0x0x14d8
Čas spuštění chybující aplikace: 0x0x1da29293d0b89d1
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: aa0fec1e-b1ea-4906-b944-a7a7377bbd71
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/07/2023 05:20:05 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (12/07/2023 05:20:05 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (12/05/2023 06:28:12 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 7144, identifikátor PID ProfSvc: 2400.
Error: (12/05/2023 06:28:12 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 7144, identifikátor PID ProfSvc: 2400.
Error: (12/03/2023 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.22621.1, časové razítko: 0x3b1bcc5b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffbfdb8200f
ID chybujícího procesu: 0x0x5fc
Čas spuštění chybující aplikace: 0x0x1da25ca95c1ce4d
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1389b18d-6e95-4d67-999e-cbb6de620a82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/06/2023 06:06:37 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/05/2023 06:45:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (12/05/2023 06:45:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (12/05/2023 11:54:03 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/05/2023 11:48:24 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:07:38, 05.12.2023) bylo neočekávané.
Error: (12/05/2023 06:29:58 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/04/2023 06:55:29 PM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/04/2023 07:19:22 AM) (Source: DCOM) (EventID: 10010) (User: CISLOCZ)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-10-19 14:37:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF9E58BB-633B-484E-A185-C48DD9653E06}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: cislocz\danha
Date: 2023-10-19 14:28:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {61B9313B-8955-420F-8341-D31566127054}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2023-12-02 14:26:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.401.1546.0
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.401.1546.0
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:08
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.23100.2009
Předchozí verze modulu: 1.1.23090.2007
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Date: 2023-12-02 14:26:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.
Date: 2023-12-02 14:26:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.399.1714.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23090.2007
Kód chyby: 0x80072efe
Popis chyby: Spojení se serverem bylo nenormálně ukončeno.
CodeIntegrity:
===============
Date: 2023-12-07 17:20:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3202 06/15/2023
Motherboard: ASUSTeK COMPUTER INC. TUF GAMING B550-PLUS WIFI II
Processor: AMD Ryzen 5 5600 6-Core Processor
Percentage of memory in use: 26%
Total physical RAM: 32674.57 MB
Available physical RAM: 23978.01 MB
Total Virtual: 34722.57 MB
Available Virtual: 23142.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.74 GB) (Free:465.89 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive d: () (Fixed) (Total:465.76 GB) (Free:234.57 GB) (Model: Samsung SSD 980 500GB) NTFS
Drive e: () (Fixed) (Total:223.57 GB) (Free:10.98 GB) (Model: CT240BX200SSD1) NTFS
\\?\Volume{941e9bc3-cdf8-4e1a-9214-2b79a7b015a5}\ () (Fixed) (Total:0.66 GB) (Free:0.08 GB) NTFS
\\?\Volume{19677de0-7412-4740-b8a9-65ad2d81ec92}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 1E87112C)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 58F7D0A2)
Partition: GPT.
==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E2614BDC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
Jj., OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte C:\Users\danha\Desktop\logtest program jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:¨
CustomCLSID: HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7580]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{47774254-8F3B-4EDD-8328-CFF023D1BDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{158592B0-E3AF-4359-9C5A-F30E20BD5F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\MountPoints2: {9922213d-8a37-11ee-a06c-f8d6f4591554} - "F:\setup.exe"
Task: {D0558203-06BA-42C1-8E7B-D8566AF1713D} - System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {58438B8C-E72B-441E-8E00-C7DFA19A5377} - System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {35D0A71C-09B7-4961-ABA9-CEC21840A18E} - System32\Tasks\nhAsusStrixSvc32Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixSvc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {948182B9-C6B8-4DB2-9FB1-F915FF8E6223} - System32\Tasks\nhAsusStrixSvc64Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\x64\nhAsusStrixSvc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {9B58774F-EE08-4914-B387-22ADABE37878} - System32\Tasks\nhAsusStrixUILauncherRun => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixUILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}
C:\DumpStack.log.tmp
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu prosim obcas se zasekava pc
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2023
Ran by danha (07-12-2023 21:28:54) Run:1
Running from C:\Users\danha\Desktop\logtest program
Loaded Profiles: danha
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:¨
CustomCLSID: HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7580]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{47774254-8F3B-4EDD-8328-CFF023D1BDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{158592B0-E3AF-4359-9C5A-F30E20BD5F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\MountPoints2: {9922213d-8a37-11ee-a06c-f8d6f4591554} - "F:\setup.exe"
Task: {D0558203-06BA-42C1-8E7B-D8566AF1713D} - System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {58438B8C-E72B-441E-8E00-C7DFA19A5377} - System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {35D0A71C-09B7-4961-ABA9-CEC21840A18E} - System32\Tasks\nhAsusStrixSvc32Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixSvc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {948182B9-C6B8-4DB2-9FB1-F915FF8E6223} - System32\Tasks\nhAsusStrixSvc64Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\x64\nhAsusStrixSvc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {9B58774F-EE08-4914-B387-22ADABE37878} - System32\Tasks\nhAsusStrixUILauncherRun => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixUILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}
C:\DumpStack.log.tmp
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135} => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47774254-8F3B-4EDD-8328-CFF023D1BDA8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{158592B0-E3AF-4359-9C5A-F30E20BD5F64}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9922213d-8a37-11ee-a06c-f8d6f4591554} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0558203-06BA-42C1-8E7B-D8566AF1713D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0558203-06BA-42C1-8E7B-D8566AF1713D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58438B8C-E72B-441E-8E00-C7DFA19A5377}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58438B8C-E72B-441E-8E00-C7DFA19A5377}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35D0A71C-09B7-4961-ABA9-CEC21840A18E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35D0A71C-09B7-4961-ABA9-CEC21840A18E}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixSvc32Run => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixSvc32Run" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{948182B9-C6B8-4DB2-9FB1-F915FF8E6223}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{948182B9-C6B8-4DB2-9FB1-F915FF8E6223}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixSvc64Run => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixSvc64Run" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B58774F-EE08-4914-B387-22ADABE37878}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B58774F-EE08-4914-B387-22ADABE37878}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixUILauncherRun => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixUILauncherRun" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully
cpuz152 => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24307970 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 755831278 B
Windows/system/drivers => 45769747 B
Edge => 0 B
Chrome => 1268466580 B
Firefox => 1103511707 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 332294 B
NetworkService => 386940 B
danha => 122274750 B
RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-12-2023 21:30:10)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 21:30:10 ====
Ran by danha (07-12-2023 21:28:54) Run:1
Running from C:\Users\danha\Desktop\logtest program
Loaded Profiles: danha
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:¨
CustomCLSID: HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => No File
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7580]
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
FirewallRules: [{47774254-8F3B-4EDD-8328-CFF023D1BDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{158592B0-E3AF-4359-9C5A-F30E20BD5F64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\...\MountPoints2: {9922213d-8a37-11ee-a06c-f8d6f4591554} - "F:\setup.exe"
Task: {D0558203-06BA-42C1-8E7B-D8566AF1713D} - System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {58438B8C-E72B-441E-8E00-C7DFA19A5377} - System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-08-24] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {35D0A71C-09B7-4961-ABA9-CEC21840A18E} - System32\Tasks\nhAsusStrixSvc32Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixSvc32.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {948182B9-C6B8-4DB2-9FB1-F915FF8E6223} - System32\Tasks\nhAsusStrixSvc64Run => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\x64\nhAsusStrixSvc64.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
Task: {9B58774F-EE08-4914-B387-22ADABE37878} - System32\Tasks\nhAsusStrixUILauncherRun => "C:\Program Files\ASUSTeKcomputer.Inc\nhAsusStrix\UserInterface\nhAsusStrixUILauncher.exe" $(Arg0) $(Arg1) $(Arg2) $(Arg3) $(Arg4) $(Arg5) $(Arg6) $(Arg7) (No File)
S3 cpuz152; \??\C:\Windows\temp\cpuz152\cpuz152_x64.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}
C:\DumpStack.log.tmp
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001_Classes\CLSID\{a0dc2696-5fe3-49f6-b3f8-8c3418978135} => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47774254-8F3B-4EDD-8328-CFF023D1BDA8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{158592B0-E3AF-4359-9C5A-F30E20BD5F64}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKU\S-1-5-21-1398007894-2651273048-4200034700-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9922213d-8a37-11ee-a06c-f8d6f4591554} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D0558203-06BA-42C1-8E7B-D8566AF1713D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0558203-06BA-42C1-8E7B-D8566AF1713D}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{58438B8C-E72B-441E-8E00-C7DFA19A5377}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{58438B8C-E72B-441E-8E00-C7DFA19A5377}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35D0A71C-09B7-4961-ABA9-CEC21840A18E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35D0A71C-09B7-4961-ABA9-CEC21840A18E}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixSvc32Run => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixSvc32Run" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{948182B9-C6B8-4DB2-9FB1-F915FF8E6223}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{948182B9-C6B8-4DB2-9FB1-F915FF8E6223}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixSvc64Run => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixSvc64Run" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B58774F-EE08-4914-B387-22ADABE37878}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B58774F-EE08-4914-B387-22ADABE37878}" => removed successfully
C:\Windows\System32\Tasks\nhAsusStrixUILauncherRun => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\nhAsusStrixUILauncherRun" => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz152 => removed successfully
cpuz152 => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{3006C261-15EA-498F-97CA-C4886A2E3A2B}" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{F0E87F3C-5E8F-496C-9262-B32CF193462E}" => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24307970 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 755831278 B
Windows/system/drivers => 45769747 B
Edge => 0 B
Chrome => 1268466580 B
Firefox => 1103511707 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 332294 B
NetworkService => 386940 B
danha => 122274750 B
RecycleBin => 0 B
EmptyTemp: => 3.1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-12-2023 21:30:10)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 21:30:10 ====
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
Smazáno. Nastala změna k lepšímu?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu prosim obcas se zasekava pc
zatim bez problemu pockam par dni kdyz do te doby nenapisu muzete to uzavrit
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
OK, zatím nechám otevřeno. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
Není zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu prosim obcas se zasekava pc
Vsimnul sem si jedne veci a to ze kdyz dam kontorlu pc nodem32 tak asi cca 60 souboru nemuze zkontrolovat. Tak sem je zkousel najit ve slozce a ikdyz sem dal zobrazit skryte soubory tak sem je stejne neobjevil.
Mam Windows11
Mam Windows11
-
Rudy
- Site Admin
- Příspěvky: 118322
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: kontrola logu prosim obcas se zasekava pc
To je v pořádku. Něškteré (zejména systémové) soubory nelze otevřít, neboť by to způsobilo problém s chodem systému, dále soubory nějak chráněné (např. heslem) a konečně takové, u kterých není pravděpodobné zavirování. Myslím, že je to OK.,
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: kontrola logu prosim obcas se zasekava pc
okej dekuji
Přispějete na provoz fóra?