Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by Martin G (06-04-2021 12:39:33)
Running from C:\Users\Martin G\Downloads
Windows 10 Home Version 20H2 19042.867 (X64) (2020-09-23 18:11:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1215771508-622911918-1038150175-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1215771508-622911918-1038150175-503 - Limited - Disabled)
Guest (S-1-5-21-1215771508-622911918-1038150175-501 - Limited - Disabled)
Martin G (S-1-5-21-1215771508-622911918-1038150175-1002 - Administrator - Enabled) => C:\Users\Martin G
WDAGUtilityAccount (S-1-5-21-1215771508-622911918-1038150175-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.7.0.400 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Premiere Pro 2020 (HKLM-x32\...\PPRO_14_0_1) (Version: 14.0.1 - Adobe Systems Incorporated)
Backup and Sync from Google (HKLM\...\{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Beauty Box (HKLM\...\Beauty Box AE) (Version: 3.0.6 - Digital Anarchy, Inc.)
Blitz 1.13.145 (HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.145 - Blitz, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty Black Ops Cold War (HKLM-x32\...\Call of Duty Black Ops Cold War) (Version: - Blizzard Entertainment)
Call of Duty Modern Warfare (HKLM-x32\...\Call of Duty Modern Warfare) (Version: - Blizzard Entertainment)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.12.10.2 - Canon Inc.)
Canon Utilities EOS Network Setting Tool (HKLM-x32\...\EOS Network Setting Tool) (Version: 1.0.10.4 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.12.10.7 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.9.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Core Temp 1.16 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.16 - ALCPU)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
CPUID HWMonitor 1.43 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.43 - CPUID, Inc.)
Discord (HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
Documentation Manager (HKLM\...\{5A87092D-1128-4C00-9495-4312AEA73AEF}) (Version: 21.120.2.1 - Intel Corporation) Hidden
ExitLag version 4 (HKLM-x32\...\{B3117F72-F22D-4DA7-B554-B3F4EDBB408F}_is1) (Version: 4 - ExitLag)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
HWiNFO64 Version 6.42 (HKLM\...\HWiNFO64_is1) (Version: 6.42 - Martin Malik - REALiX)
Intel Driver && Support Assistant (HKLM-x32\...\{E051A413-9853-4901-AF60-176ED50E7329}) (Version: 20.10.42.5 - Intel) Hidden
Intel Processor Diagnostic Tool 64bit (HKLM\...\{6E05E656-6ED8-49DE-AA9C-C4677F7086C5}) (Version: 4.1.5 - Intel Corporation)
Intel XTU SDK (HKLM-x32\...\{43A58350-CB99-4F4E-9BB6-F058D7B27985}) (Version: 1.0.17 - HP Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Computing Improvement Program (HKLM\...\{0798FE0D-0E50-488A-B0DC-07E65B2758AE}) (Version: 2.4.05982 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.8.3.1003 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000110-0210-1029-84C8-B8D95FA3C8C3}) (Version: 21.110.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{6f610581-f2d3-4d65-9c20-3627d30f5572}) (Version: 20.10.42.5 - Intel)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{4B3C56AB-963E-4F48-9747-05297683DB3B}) (Version: 16.8.3.1003 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{a6cf16a4-9aef-469b-98af-71b15f60a233}) (Version: 21.120.2.1 - Intel Corporation) Hidden
Jarvee (HKLM-x32\...\{9D1EA30B-26FB-4FD9-BE37-0927E7E6F315}) (Version: 14.1.7 - Jarvee) Hidden
Jarvee (HKLM-x32\...\Jarvee 14.1.7) (Version: 14.1.7 - Jarvee)
League of Legends (HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Little Nightmares II (HKLM-x32\...\Little Nightmares II_is1) (Version: - )
Logitech Capture (HKLM\...\Capture) (Version: 1.0.553 - Logitech)
Luminar 4 (HKLM\...\{A6F0B6DE-D1DD-4C1C-9D49-C66592461EEC}) (Version: 4.0.0.4810 - Skylum) Hidden
Luminar 4 (HKLM\...\Luminar 4 4.0.0.4810) (Version: 4.0.0.4810 - Skylum)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
MSI Kombustor 4.1.11.0 (64-bit) (HKLM\...\{F3D3CC6B-9AD7-4F43-8C69-40D5902FDC5C}}_is1) (Version: - MSI / Geeks3D)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Need for Speed: Payback (HKLM-x32\...\Need for Speed: Payback_is1) (Version: - )
Niceboy ORYX K600 Mechanical Keyboard v1.6.5 (HKLM-x32\...\{2C0A8508-5710-4207-8ED8-57518B198878}_is1) (Version: - )
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Outlast (HKLM-x32\...\GOGPACKOUTLAST_is1) (Version: 2.0.0.3 - GOG.com)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Quick CPU x64 (HKLM\...\{B5A7CA0D-7B9C-4954-9C62-A2C8CECE90A6}) (Version: 3.3.2.0 - CoderBag)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8940.1 - Realtek Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
RogueKiller version 14.8.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.6.0 - Adlice Software)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs OBS 0.15.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.15.1 - General Workings, Inc.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.7.6 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\{8B0F211E-5846-4FB2-B0B9-4EB31546FDF9}}_is1) (Version: - TechPowerUp)
Unigine Superposition Benchmark 1.1 (HKLM\...\Superposition_is1) (Version: 1.1 - UNIGINE)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Visage (HKLM-x32\...\Visage_is1) (Version: - )
VIVEPORT DirectX 9.0 (HKLM-x32\...\{4b01ac5b-340e-4644-828b-0882c8255a4e}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VIVEPORT DirectX 9.0 (x86/x64) (HKLM-x32\...\{9D42F21E-7CFA-4C87-99FD-C81CFFCB12E5}) (Version: 1.2.0.3 - HTC Corp.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Voxengo Marvel GEQ (HKLM\...\Voxengo Marvel GEQ_is1) (Version: 1.10 - Voxengo)
WhatsApp (HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\WhatsApp) (Version: 2.2110.12 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Worms W.M.D (HKLM-x32\...\Worms W.M.D_is1) (Version: - )
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-03] (Microsoft Corporation)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-02-06] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.39.0_x64__v10z8vjag6ke6 [2021-02-11] (HP Inc.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.1.64.0_x64__0a78dr3hq0pvt [2021-02-11] (HyperX Gaming) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-03] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-04] (NVIDIA Corp.)
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.40392.0_x64__8wekyb3d8bbwe [2021-02-21] (Microsoft Corporation)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-10-31] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-1215771508-622911918-1038150175-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-03-12] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-15] () [File not signed] [File is in use]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-03-12] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhmi.inf_amd64_9f074a9de859939d\nvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-05] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-10-26 13:04 - 2019-10-26 13:04 - 000232960 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000057344 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2019-10-26 13:04 - 2019-10-26 13:04 - 000650240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000074240 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2019-10-26 13:03 - 2019-10-26 13:03 - 000369664 _____ () [File not signed] C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2019-07-15 10:20 - 2019-07-15 10:20 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Martin G\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Martin G\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2020-10-19 12:51 - 000001090 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %INTEL_DEV_REDIST%redist\intel64\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 1.0.0.1 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeUpdateService => 2
MSCONFIG\Services: AGMService => 2
MSCONFIG\Services: AGSService => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: TeamViewer => 2
HKLM\...\StartupApproved\StartupFolder: => "AnyDesk.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "OnScreen Control"
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\StartupFolder: => "Jarvee.lnk"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "ViveportDesktop"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "LDNews"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "PlariumPlay"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "Advanced SystemCare Ultimate"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "reWASD Tray Agent"
HKU\S-1-5-21-1215771508-622911918-1038150175-1002\...\StartupApproved\Run: => "com.blitz.app"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{147A3A7A-677D-4B89-882D-CDF061871907}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B0B0D82C-89F6-4286-B347-4E25066134B8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{48F9E02D-7FFE-4643-9CF7-62C8B12FFB48}] => (Allow) D:\Program files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{6E49FD3E-9582-428D-AE78-E903C8BD24C0}] => (Allow) D:\Program files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{4AA8BDAA-7B28-4BC1-84F4-AC19C43600C1}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{C8E41B06-CF1F-4886-9EC2-39FA935B9FB1}C:\program files\dnplayerext2\ldboxheadless.exe] => (Allow) C:\program files\dnplayerext2\ldboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [{DEC6E1DB-11FC-45B7-B606-406156A28A0B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDC8C9DC-0243-4C14-8E14-BDD013175ACF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84B1B65E-895E-4A25-A827-F42FD2CED952}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D7E51133-9F9F-4EA9-900D-DDDFB2371221}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{336648C7-275B-47D5-AE49-7261FD8183F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CA112139-5E75-4931-8D72-C37D4076CC80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8C9D5E74-8DE3-47AF-8B42-A22DE50A5CFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B01B6E18-2774-4B6F-B5F0-09FD9433388D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{30025A49-545C-4771-A94D-6568B6F6080D}] => (Allow) D:\Program files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6795FBCB-E66C-47E3-B08D-C42316281719}] => (Allow) D:\Program files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AE7F2A6F-6E87-4C2B-9D45-0A98ADBCD543}] => (Allow) D:\Program files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{385B05DB-DCCF-4CF1-AFD0-A63AEA2818AA}] => (Allow) D:\Program files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D4D4DA28-1047-4400-8E0B-3D95899021A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AA1106D9-9899-4213-8353-4CC3911F503E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0553BC72-0E58-46FC-8289-46053AA2D77F}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B0507B2D-C804-45EE-AF19-8EBC7CDA7BF2}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B7FF16C0-DD7D-41CA-9DB6-9E851C8584F2}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{74E891C8-AA41-4774-B7E4-01202127EF30}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5073A86A-91AC-4A81-9833-037BB4F55479}] => (Allow) C:\Users\Martin G\AppData\Roaming\Jarvee\Jarvee.exe (ADNAN ČOKIĆ vl. SMAG SERVICES agencija, Živinice -> Jarvee)
FirewallRules: [{B07542C5-E035-42CB-A0B9-826A04404798}] => (Allow) C:\Users\Martin G\AppData\Roaming\Jarvee\Jarvee.exe (ADNAN ČOKIĆ vl. SMAG SERVICES agencija, Živinice -> Jarvee)
FirewallRules: [{68B2F978-C174-4A03-B5D7-56A9D028682C}] => (Allow) C:\Users\Martin G\AppData\Roaming\Jarvee\Jarvee.exe (ADNAN ČOKIĆ vl. SMAG SERVICES agencija, Živinice -> Jarvee)
FirewallRules: [{B054670D-2E31-4EAB-A5E0-B6163F65281C}] => (Allow) C:\Users\Martin G\AppData\Roaming\Jarvee\Jarvee.exe (ADNAN ČOKIĆ vl. SMAG SERVICES agencija, Živinice -> Jarvee)
FirewallRules: [TCP Query User{9AC508B4-C42A-4C1B-8B03-45F853EA1DEE}C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [UDP Query User{86127CFB-AE9F-43D5-8D7A-F5B0484A8A9A}C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe] => (Block) C:\program files\adobe\adobe premiere pro 2020\adobe premiere pro.exe (Adobe Inc. -> Adobe)
FirewallRules: [{1FF49F3A-86B8-4B81-B5B9-4184CA9B32A5}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{B1524EBD-DD2B-46C9-B581-DB2D5DDA2EA6}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{0F13566C-EF76-4243-9B75-7363EC6043F7}] => (Block) C:\Program Files\Skylum\Luminar 4\Luminar 4.exe (Skylum Software USA, Inc. -> )
FirewallRules: [{7EE7D4C0-9B4A-447B-A45F-EF2DB4385C51}] => (Block) C:\Program Files\Skylum\Luminar 4\Luminar 4.exe (Skylum Software USA, Inc. -> )
FirewallRules: [{F79888FD-B24A-47CC-A7AC-EC0D8A2AF1EC}] => (Allow) C:\Users\Martin G\AppData\Roaming\Jarvee\Jarvee.exe (ADNAN ČOKIĆ vl. SMAG SERVICES agencija, Živinice -> Jarvee)
FirewallRules: [{97F8086E-ED82-4ABB-8B3F-300ECF684213}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [{36C6195A-7A2D-4BD4-A0B1-65BAC8A5A066}] => (Allow) c:\program files (x86)\exitlag\exitlag.exe (SKOWSAND SERVICOS DE PROVEDORES E INTERNET LTDA -> )
FirewallRules: [TCP Query User{C88D4875-1201-4F6F-87EF-2CC56E6AE0D9}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [UDP Query User{618ABF56-C26B-4C3B-B122-7938A6052D7D}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe (Activision Publishing Inc -> Activision)
FirewallRules: [{D46FF621-90A2-4FBB-9016-11B32992D76C}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{D9999442-343B-43FE-80A7-899D6BD962A6}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\launcher.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{A895C221-B5AD-4D9C-A2AD-A7A14B58C2E8}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [{9A6CF990-97B6-4E12-9B8A-29E4C7E5A8F9}] => (Allow) C:\Program Files\Unigine\Superposition Benchmark\bin\superposition.exe (UNIGINE LLC -> UNIGINE)
FirewallRules: [TCP Query User{F098A56B-E782-43A0-A461-AEC66C0F7AF6}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [UDP Query User{5C665657-083E-47BA-9E56-EE0E7A3533C7}C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe] => (Allow) C:\program files (x86)\call of duty black ops cold war\blackopscoldwar.exe (Activision Publishing Inc -> Activision Publishing, Inc.)
FirewallRules: [TCP Query User{7675DAD5-E3C1-4179-82E7-FA556D18C67A}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [UDP Query User{D76F657A-5E19-4BDE-A945-18CF822948A6}C:\program files\streamlabs obs\streamlabs obs.exe] => (Allow) C:\program files\streamlabs obs\streamlabs obs.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [{49F307E8-FDF9-4899-9FE9-B86F4FB9545A}] => (Allow) C:\Program Files\Streamlabs OBS\Streamlabs OBS.exe (Streamlabs (General Workings, Inc.) -> General Workings, Inc.)
FirewallRules: [TCP Query User{15D65C3E-D066-401E-88A5-A0A58A6529BF}C:\gog games\outlast\binaries\win64\olgame.exe] => (Block) C:\gog games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [UDP Query User{65EF5CF8-C143-4BB6-B4B2-4879C297A38C}C:\gog games\outlast\binaries\win64\olgame.exe] => (Block) C:\gog games\outlast\binaries\win64\olgame.exe (Red Barrels Inc.) [File not signed]
FirewallRules: [TCP Query User{442B228D-6548-4A47-9ACE-1A436EDF603A}C:\users\martin g\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\martin g\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [UDP Query User{52A5995C-2CB4-4BDD-AFF5-5DFDFE87B8E4}C:\users\martin g\appdata\local\programs\blitz\blitz.exe] => (Allow) C:\users\martin g\appdata\local\programs\blitz\blitz.exe (Swift Media Entertainment, Inc. -> Blitz, Inc.)
FirewallRules: [{B4A7FEE8-3FB3-4232-8866-79E2733906D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{34C27D13-761F-4FEF-981E-26591A41732B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E4B7357-899D-47D0-8C95-84223D932FE9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{93E5D400-F420-4A9E-B332-EF2DDF470B14}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5219C1FA-D45F-4DEA-A198-4527E2139CF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
25-03-2021 17:20:47 Naplánovaný kontrolní bod
29-03-2021 22:39:06 Removed Thrustmaster FFB Driver
04-04-2021 15:28:17 Installed reWASD driver V2.94
05-04-2021 17:45:12 AdwCleaner_BeforeCleaning_05/04/2021_17:45:11
05-04-2021 20:20:49 AdwCleaner_BeforeCleaning_05/04/2021_20:20:47
==================== Faulty Device Manager Devices ============
Name: Intel(R) Wireless-AC 9560 160MHz
Description: Intel(R) Wireless-AC 9560 160MHz
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw08
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/06/2021 10:20:23 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/05/2021 04:46:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: PřI volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (04/05/2021 04:46:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (04/05/2021 04:46:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: PřI volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (04/05/2021 04:46:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (04/05/2021 10:48:27 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/04/2021 11:16:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (04/04/2021 03:33:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: PřI volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
System errors:
=============
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba RogueKiller RTP byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Analytics service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Dynamic Platform and Thermal Framework service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RstMwService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/05/2021 08:21:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel Bluetooth Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2021-04-05 12:34:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
Název: App:MiniTool_Partition_Wizard_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\SSD\SSD\Záloha PC\Stažené\pw11-free.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-GLRDF0L\Martin G
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.335.243.0, AS: 1.335.243.0, NIS: 1.335.243.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-05 12:34:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
Název: PUA:Win32/Presenoker
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Martin G\AppData\Roaming\Fusion_ld\Fusion.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Uživatel
Uživatel: DESKTOP-GLRDF0L\Martin G
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.335.243.0, AS: 1.335.243.0, NIS: 1.335.243.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-04 14:19:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin G\AppData\Local\Temp\Rar$DRb828.10270\Hack.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-GLRDF0L\Martin G
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.335.176.0, AS: 1.335.176.0, NIS: 1.335.176.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-04 13:39:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin G\AppData\Local\Temp\Rar$DRb6344.15231\oxygen.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-GLRDF0L\Martin G
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.335.176.0, AS: 1.335.176.0, NIS: 1.335.176.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-04 11:46:20
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Martin G\Desktop\cheat\YUCheat.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-GLRDF0L\Martin G
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.335.176.0, AS: 1.335.176.0, NIS: 1.335.176.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
Date: 2021-04-04 14:54:02
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu přI pokusu o obnovení položky z karantény.
Další informace:
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: DESKTOP-GLRDF0L\Martin G
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze bezpečnostních informací: AV: 1.335.176.0, AS: 1.335.176.0
Verze modulu: 1.1.18000.5
Date: 2021-04-01 12:41:43
Description:
Modul programu Antivirová ochrana v programu Microsoft Defender byl ukončen v důsledku neočekávané chyby.
Typ chyby: Chyba
Kód výjimky: 0xc0000005
Zdroj:
CodeIntegrity:
===============
Date: 2021-04-04 11:36:40
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\dnplayerext2\LdBoxDDRC.rc because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-04-04 11:36:38
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\dnplayerext2\tstMicroRC.gc because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2021-04-04 11:36:35
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\dnplayerext2\LdVMMRC.rc because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: AMI F.15 11/02/2020
Motherboard: HP 846A
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 47%
Total physical RAM: 16260.92 MB
Available physical RAM: 8600.76 MB
Total Virtual: 24196.92 MB
Available Virtual: 15183.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:464.57 GB) (Free:100.56 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.5 GB) (Free:642.67 GB) NTFS
\\?\Volume{3baee5f3-6c5f-40e2-8c4f-b9b0f671388d}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{a0dbe2d5-e201-424b-8b79-dcba1cfb99e5}\ () (Fixed) (Total:0.63 GB) (Free:0.07 GB) NTFS
\\?\Volume{0e252405-fae7-4e56-b1c0-131d64e79a3e}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================