Dobrý den
po vánocích se mi hned po spuštění pc otevře prohlížeč a chce přesměrovat na nějakou stránku. Po internetu sem hledal co se dalo, ale konzultace a rada od vás mi přijde jako nejlepší varianta.
Děkuji mnohokrát
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{d2183c3d-2e98-4dd7-b2cc-b5cd57c84405}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{e58f97d2-6f4b-420c-8a57-d2e69ac255e3}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\Ondřej\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1043091084-1387024647-1964063134-1001 -> hxxp://google.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-02]
Edge HomePage: Default -> hxxp://google.cz/
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 1p9y6lbe.default
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\1p9y6lbe.default [2021-01-01]
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release [2021-01-02]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6937.199\elevation_service.exe [1136920 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [960368 2012-12-30] (Broadcom Corporation -> Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-10-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2283984 2017-06-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-12-21] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50640 2016-09-02] (Intel(R) INTELNPG1 -> Intel Corporation)
S1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2018-12-21] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 10:00 - 2021-01-02 10:00 - 000010519 _____ C:\Users\Ondřej\Desktop\FRST.txt
2021-01-02 10:00 - 2021-01-02 10:00 - 000000000 ____D C:\FRST
2021-01-02 09:59 - 2021-01-02 09:59 - 002286592 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2021-01-01 19:45 - 2021-01-01 19:46 - 000000000 ____D C:\AdwCleaner
2021-01-01 19:16 - 2021-01-01 19:16 - 000220784 _____ (AVAST Software) C:\Users\Ondřej\Downloads\avast_free_antivirus_setup_online.exe
2021-01-01 19:10 - 2021-01-01 19:10 - 001321688 _____ (Google LLC) C:\Users\Ondřej\Downloads\ChromeSetup.exe
2021-01-01 19:06 - 2021-01-01 19:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-01 19:06 - 2021-01-01 19:10 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Mozilla
2021-01-01 19:05 - 2021-01-01 19:05 - 000334032 _____ (Mozilla) C:\Users\Ondřej\Downloads\Firefox Installer.exe
2021-01-01 18:45 - 2021-01-01 18:45 - 006565432 _____ (EnigmaSoft Limited) C:\Users\Ondřej\Downloads\SpyHunter-Installer.exe
2021-01-01 18:44 - 2021-01-01 18:44 - 000000085 _____ C:\WINDOWS\wininit.ini
2021-01-01 18:07 - 2021-01-01 18:07 - 000137097 _____ C:\Users\Ondřej\Desktop\záložky_01.01.21.html
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Safer-Networking Ltd
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\Safer-Networking Ltd
2021-01-01 17:04 - 2021-01-01 18:45 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-01-01 17:04 - 2021-01-01 18:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-01-01 17:04 - 2021-01-01 17:04 - 069300040 _____ (Safer-Networking Ltd. ) C:\Users\Ondřej\Downloads\spybotsd-2.8.68.0.exe
2021-01-01 16:33 - 2021-01-01 16:33 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-01 16:33 - 2021-01-01 16:33 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-23 12:57 - 2021-01-01 20:22 - 000000000 ____D C:\Users\Ondřej\Documents\The Witcher 3
2020-12-23 09:01 - 2020-12-23 09:01 - 000506331 _____ C:\Users\Ondřej\Downloads\2910580472.pdf
2020-12-17 19:49 - 2020-12-17 19:49 - 000000000 ____D C:\Users\Ondřej\Desktop\MOTIVACNI DOPIS A CV
2020-12-16 19:17 - 2020-12-16 19:17 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 20:10 - 2020-12-11 20:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-11 20:09 - 2020-12-11 20:09 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 20:09 - 2020-12-11 20:09 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 17:47 - 2020-12-04 04:04 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-12-06 11:07 - 2020-12-06 11:36 - 523401072 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-02 - Smrt v oblacích.avi
2020-12-06 11:07 - 2020-12-06 11:35 - 522289950 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-01 Vraždy podle abecedy.avi
2020-12-05 19:48 - 2020-12-06 11:18 - 1671939032 _____ C:\Users\Ondřej\Desktop\Zrodila se hvězda - Zrodila sa hviezda ( A Star Is Born 2018 ) CZ titulky.avi
2020-12-05 16:20 - 2021-01-01 20:22 - 000002606 _____ C:\WINDOWS\system32\Tasks\Ondřej
2020-12-05 16:16 - 2020-12-05 16:16 - 000000222 _____ C:\Users\Ondřej\Desktop\Zaklínač 3 Divoký hon.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 10:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-02 09:55 - 2018-07-23 19:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-02 09:54 - 2017-03-23 09:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-01 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-01 20:23 - 2017-03-23 09:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-01 20:22 - 2020-10-15 16:26 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a2c6b09264e2
2021-01-01 20:22 - 2020-10-15 08:43 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-01 20:22 - 2020-10-15 08:43 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-01 20:22 - 2020-10-15 08:43 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-01 20:22 - 2020-10-15 08:43 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-01 20:22 - 2020-10-15 08:43 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-01 20:22 - 2020-10-15 08:43 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-01 20:22 - 2020-10-15 08:43 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-01 20:10 - 2017-03-23 09:40 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-01 20:02 - 2020-10-15 08:46 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-01 20:02 - 2020-10-15 08:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-01 20:02 - 2019-12-07 15:43 - 000716706 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-01 20:02 - 2019-12-07 15:43 - 000144884 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-01 19:55 - 2020-11-07 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 19:55 - 2020-10-15 08:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 19:55 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 19:51 - 2020-08-13 10:22 - 000000000 ____D C:\Program Files\Google
2021-01-01 19:51 - 2017-03-23 09:32 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Google
2021-01-01 19:00 - 2017-03-23 09:30 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-01 18:41 - 2020-10-15 08:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-01 16:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-01 16:33 - 2020-10-24 11:36 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-01 16:33 - 2020-10-15 08:43 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-01 16:33 - 2020-04-20 18:27 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-01 16:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-01 16:33 - 2019-01-15 19:18 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-01 16:33 - 2018-11-09 13:12 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-01 16:33 - 2018-06-23 20:17 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-01 16:33 - 2017-11-20 18:58 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-25 10:21 - 2018-05-27 09:55 - 000000000 ____D C:\Users\Ondřej\AppData\Local\D3DSCache
2020-12-25 10:15 - 2020-10-17 08:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-25 10:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-25 10:15 - 2017-10-22 16:17 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2020-12-25 10:15 - 2017-07-30 13:09 - 000000000 ____D C:\ProgramData\Adobe
2020-12-25 10:15 - 2017-03-23 16:22 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Adobe
2020-12-25 10:14 - 2017-03-23 10:12 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2020-12-21 15:08 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Ubisoft Game Launcher
2020-12-21 15:03 - 2019-04-19 14:25 - 000000681 _____ C:\Users\Ondřej\Desktop\Ubisoft Connect.lnk
2020-12-21 15:03 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-12-21 14:47 - 2020-06-18 12:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-21 14:47 - 2020-06-18 12:49 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 15:21 - 2020-09-06 12:08 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 09:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 04:59 - 2020-09-06 12:08 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2020-09-06 12:09 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2020-09-06 12:09 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:39 - 2020-10-15 08:36 - 000462384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 20:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-04 04:04 - 2020-09-06 12:08 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-04 04:04 - 2020-09-06 12:08 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2017-03-23 13:20 - 2017-03-23 13:20 - 000007601 _____ () C:\Users\Ondřej\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ondřej (02-01-2021 10:01:36)
Running from C:\Users\Ondřej\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-10-15 07:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1043091084-1387024647-1964063134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1043091084-1387024647-1964063134-503 - Limited - Disabled)
Guest (S-1-5-21-1043091084-1387024647-1964063134-501 - Limited - Disabled)
Ondřej (S-1-5-21-1043091084-1387024647-1964063134-1001 - Administrator - Enabled) => C:\Users\Ondřej
WDAGUtilityAccount (S-1-5-21-1043091084-1387024647-1964063134-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
ASUS Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5000 - ASUS)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6937.199 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - Broadcom Corporation (bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Caps Lock Changer 1.0 (HKLM-x32\...\Caps Lock Changer) (Version: 1.0 - Filebird.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dark Souls II Scholar of the First Sin (HKLM-x32\...\Dark Souls II Scholar of the First Sin_is1) (Version: - )
Dark Souls III The Ringed City (HKLM-x32\...\Dark Souls III The Ringed City_is1) (Version: - )
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 4 Inc. Valley of the Yetis version 1.0.0 (HKLM-x32\...\Far Cry 4 Inc. Valley of the Yetis_is1) (Version: 1.0.0 - Ubisoft)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Gothic (HKLM-x32\...\1207658682_is1) (Version: 2.1.0.7 - GOG.com)
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
IrfanView 4.54 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.14 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.08 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Ovládací panel NVIDIA 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.89 - NVIDIA Corporation) Hidden
PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8169 - Realtek Semiconductor Corp.)
RiME (HKLM-x32\...\1553712069_is1) (Version: 1.02 - GOG.com)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Smart Watermark 2.0.1.0 (HKLM-x32\...\Smart Watermark 2.0.1.0) (Version: 2.0.1.0 - Vedran Budimir Bajer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
SteelSeries Engine 3.18.15 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.15 - SteelSeries ApS)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Unravel - Version 1.0 (HKLM-x32\...\Unravel_is1) (Version: 1.0 - RePack by VickNet)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.)
Visual Watermark version 5.11 (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 5.11 - Portfoler sp. z o. o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-07-02 08:15 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000057344 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Interop.BSteelLinkLib.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000200704 _____ (ICSharpCode.net) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ICSharpCode.SharpZipLib.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-10-07 16:05 - 2016-10-07 16:05 - 000347648 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000027136 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3HeadsetPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000024064 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\PluginAbstract.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000125440 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\VoicePlugin.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000653824 _____ (TODO: <Company name>) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\BSteelLink.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2019-01-04 17:01 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\ASUS\Bluetooth Software\;C:\Program Files\ASUS\Bluetooth Software\syswow64;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{95CDEDA4-5C72-43AC-A2B0-66AF76F6B6AE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1A462AD2-5CF0-41F8-8BDE-7DA8587D8343}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{824A2B99-126B-4A9E-9B8B-ECB94922F70C}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{66D74262-AC14-465A-AAD2-2D3E9510CF58}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{62ABB066-6F59-4917-9180-89E5D227AA61}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{29969F94-AA8C-4D50-A096-7CD982A0E513}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{6A452FCD-AC48-41EA-B1B9-27BB9FC4F6FB}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [{81007FAB-6121-4AE8-A58E-2D528C9E66C6}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [UDP Query User{F55C5084-C204-4E6F-B882-D0F3557A62CC}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{3223C94E-7CB1-4E69-AFF8-CBC8BE072098}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{9B9B8834-96B3-40F3-8B2E-7AC535AA1532}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8233AD85-E759-44EC-9BA4-E844155A7945}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{096A46F3-5634-46BA-929F-06A0C97D987A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21B1DB04-2461-4EA5-9A72-BA6BB5E06DC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F460D8A8-E3FA-4F98-969B-BB04B51038C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F9CA237-B30F-4D44-B3BB-39EB52C399C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{C5A2674B-2A56-4355-88BC-BB6607BD46BB}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [TCP Query User{529F56D0-092E-4FCC-9BB8-BDCB2FD6C8B8}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [UDP Query User{F5AA10E0-FC3E-494B-8437-39BBB90D34EF}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{EB2CF4C9-CA33-4118-B9DD-1B91AD77B2AA}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7F11C1C7-4F49-4BC6-9EB8-623BBE9E0D05}] => (Allow) LPort=3935
FirewallRules: [{AE95CE85-4EEA-4DA3-8AA5-6CF930F4EFF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ABB64F1-28EF-4D26-84F4-5A54E0AAABF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD9C8A0A-9979-496D-9180-50F847F2076B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E63232C-A2BD-427B-8F6D-5CF84B81A33F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7251DEA8-90FA-4DDD-B9C7-D365FCB988E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8222997A-4130-4F22-96C4-CE229C3A893A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4064711F-0F71-4AEA-BC4D-ED92DEAA3076}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6E19F159-4504-4F5C-92D8-1654E7AB6C4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1287CAA5-F283-4107-AEB2-6A476C56C314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F43898EF-3271-4739-8CC7-78F89BB463E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C810C44B-CB5A-4410-BF2D-899E3CE388CE}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [UDP Query User{5684ABC4-3BE5-412D-9902-D6036FEC4CE6}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [TCP Query User{D801AB56-5562-4318-B012-2F88FF610E75}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{14D7E9CC-C15D-4728-A2F6-8ADF41F435BE}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{5CCBCEB8-559A-4BCA-8B1A-88D30A32FB90}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{FD660E02-A757-483F-8AA3-F801FF8FFE20}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{383FC98F-1B1A-4C8C-A8FB-915A24592C26}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{3C4F66AA-354C-46D8-9399-722F040A686A}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{C2E68A09-E1FB-4142-9652-C0BA30A0F3BA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EEEF40A-9094-472C-A330-D818D66C57F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C75A5296-FB12-41D2-BB4B-FA59659BFA56}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7E266DE5-95BD-45B9-B1A1-1F3F280099FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9C00763B-1D5C-48DA-9217-CE79EC1B4554}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{694997E2-C7E3-45C5-ADEC-0E716E0512F4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7C674647-4F4F-4720-AC8D-D51365CAB196}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{8B49BE04-8E15-4619-A3ED-C17BB5370D5D}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{3AC0F364-9D7D-4886-9A5F-8DDB4762709B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F7C72DA-1F5C-40F5-819A-12C42B05671C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ADC31D8-E633-4708-9DED-D2164E0BB69F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2091E9D8-524F-462D-AEF3-89AC0296DB3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{198C0C9F-EB6D-4A5E-8CC8-717463C143D0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E4015090-9DC7-433E-A842-46056FF6B7D2}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5778DDB0-3F54-4B74-ACD2-FCF9070EBC16}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{6CAF25C4-5038-428A-96BE-17571C727BF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2E4019D-23A3-4F7D-8B44-4CBB65860B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5AE8717-01A5-41C7-A701-490301F37EC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D0BB0E3-A24F-4241-8224-8CB19EA041FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.73 GB) (Free:29.06 GB) (24%)
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/02/2021 09:52:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 09:52:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:57:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:55:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:55:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:54:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:54:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/01/2021 07:51:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
System errors:
=============
Error: (01/01/2021 08:23:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETBFFP7)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Online Connect byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSIREGISTER_MR byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Bluetooth Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/01/2021 07:46:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Online Connect Access byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2021-01-02 09:59:11.3080000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:11.1910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:08.3590000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:08.0510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:08.0230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:06.8730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:05.6730000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 09:59:05.6180000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.00 10/26/2016
Motherboard: MSI Z270 PC MATE (MS-7A72)
Processor: Intel(R) Core(TM) i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 53%
Total physical RAM: 8148.79 MB
Available physical RAM: 3802.73 MB
Total Virtual: 13524.79 MB
Available Virtual: 6520.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.73 GB) (Free:29.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.02 GB) (Free:442.53 GB) NTFS
\\?\Volume{972b0071-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{972b0069-0000-0000-0000-10af1d000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 972B0071)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 972B0069)
Partition 1: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pup up add v prohližeči?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
Zdravím!
Spusťte postupně tyto utility:
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe , https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Spusťte postupně tyto utility:
1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe , https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pup up add v prohližeči?
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Ondýej on 02.01.2021 at 12:19:22,85.
Microsoft Windows 10 Pro 10.0.19042 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ONDEJ~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
02.01.2021 12:19:52 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release\prefs.js:
Added to C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Winamp deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95517.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95519.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95530.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95532.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95534.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95536.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95573.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d24bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d25a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d25da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d262a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d266a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d268c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d26dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d272c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d275d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d278e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d279f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d27d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d27e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2803.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d28d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2930.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d299f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2a6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2b78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d814.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d816.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d81a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d81c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d82e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d830.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97234.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97246.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97248.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97250.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97261.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97263.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97265.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97267.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97269.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97281.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97292.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97294.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-972a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eab7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eab9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eabb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c088e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0890.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0e63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0ee2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0f80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c1169.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c119a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c11ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b89c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c141e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c149d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c14ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c14ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1501.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1674.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1695.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c16e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1707.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1718.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1749.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c175b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c178c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c179d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117591.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117593.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117595.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a54c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a54e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a550.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a556.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a568.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a570.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a583.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a585.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a587.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185ab8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185abe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185ac0.tmp deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Hourly) deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Logon) deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
"C:\DumpStack.log.tmp" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=62 folders=328 73427272 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\ONDEJ~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\DumpStack.log.tmp" not deleted
==== EOF on 02.01.2021 at 12:38:22,27 ======================
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Ondýej (Administrator) on 02.01.2021 at 12:39:41,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.01.2021 at 12:40:32,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tool run by Ondýej on 02.01.2021 at 12:19:22,85.
Microsoft Windows 10 Pro 10.0.19042 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ONDEJ~1\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
02.01.2021 12:19:52 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release\prefs.js:
Added to C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Winamp deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95517.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95519.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9551f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95530.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95532.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95534.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95536.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-9554e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95573.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95575.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-19d4-19d0-95589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d24bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d25a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d25da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d262a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d266a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d268c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d26dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d272c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d275d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d278e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d279f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d27d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d27e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2803.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d28d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2930.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d299f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2a6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1d24-2bc-d2b78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1e14-2aac-96fb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d7f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d814.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d816.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d81a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d81c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d82e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2710-149c-101d830.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97234.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97246.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97248.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9724e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97250.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97261.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97263.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97265.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97267.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97269.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-9727f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97281.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97292.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-97294.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2760-2eb8-972a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50ea9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eaa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eab7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eab9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e80-297c-50eabb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c088e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0890.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c08f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0e63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0ee2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0f80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c0fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c1169.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c119a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3260-3018-c11ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b89c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3398-2a24-11b8ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c141e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c149d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c14ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c14ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1501.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c15e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1674.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1695.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c16e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1707.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1718.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c1749.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c175b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c178c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-33c4-35d4-3c179d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f57.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-36d0-8-97fb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117591.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117593.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-3117595.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-39f0-3dc-31175f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-19698f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-1969c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-3640-196a3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a54c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a54e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a550.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a556.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a568.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a56e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a570.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a581.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a583.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a585.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a587.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a589.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-524-528-2a59f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a6d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a87.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185a9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185ab8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185aba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185abc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185abe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-80c-1f28-185ac0.tmp deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Hourly) deleted
C:\windows\SysNative\Tasks\Avast Secure Browser Heartbeat Task (Logon) deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineUA deleted
"C:\DumpStack.log.tmp" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\ONDEJ~1\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
==== Firefox Plugins ======================
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
No Chrome User Data found
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=62 folders=328 73427272 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\ONDEJ~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\DumpStack.log.tmp" not deleted
==== EOF on 02.01.2021 at 12:38:22,27 ======================
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Ondýej (Administrator) on 02.01.2021 at 12:39:41,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.01.2021 at 12:40:32,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pup up add v prohližeči?
Bohužel. Po spuštění PC se opět automaticky spustí prohlížeč a snaží se mě přesměrovat.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
OK. Dejte kompletní log FRST. Ten, který jste uvedl není celý, chybí začátek.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pup up add v prohližeči?
za tu chybu se omlouvám
udělal jsem nový scan a posílam FRST + addition
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Ondřej (administrator) on DESKTOP-ETBFFP7 (MSI MS-7A72) (02-01-2021 18:19:20)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-06-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15375312 2017-06-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258960 2017-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS) [File not signed]
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-04-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32712080 2021-01-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Ondřej] => explorer.exe hxxp://kb-ribaki.org <==== ATTENTION
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\Windows\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\AppCompatFlags\Custom\GOTHIC.EXE: [{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}.sdb] -> GOG.com Gothic
HKLM\Software\...\AppCompatFlags\InstalledSDB\{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}.sdb [2014-04-01]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6937.199\Installer\chrmstp.exe [2020-11-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-30] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-12-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-23]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01D6A8E5-9760-4A2E-BD87-D154456E3BD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A4CFA9A-84A0-45CC-8273-9793B925E3E4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {1320B3E9-620A-41DC-B50C-DA33A686B615} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D493905-CE2F-4D6E-8EE1-BF283EDC08E1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
Task: {3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {4219F712-0260-4C15-9153-DDB8CC177A3F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46CA1A5A-2EF9-4D77-95B1-6B3791A565F4} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {490790B9-C935-40E2-81C6-2CBED62861FD} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {4A0F16B2-2626-437D-8769-87B7652DDCFF} - System32\Tasks\Ondřej => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ondřej /t REG_SZ /d "explorer.exe http://kb-ribaki.org" <==== ATTENTION
Task: {60C98333-38FA-4207-BAD2-B636250778AE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {60CE7CDE-1351-4ACA-9FB6-7C388C02A16D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68307A40-4630-44EF-810A-47A041791908} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B7B4183-C378-4EBC-8463-1CC4372793F7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6D10A509-D263-4F9D-9593-F0B358A942C7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {732E3C95-8181-477D-9292-61ADDEE9FF57} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8124A3FD-9775-4B81-A8A6-D53BFB1F948A} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\Ondřej\AppData\Roaming\Winamp\Precomp\precomp.exe <==== ATTENTION
Task: {8CBE5A6D-DE53-4147-9643-3F2D31DD1320} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {9C1CFE87-7368-4190-8976-CEDA4A20975D} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {A71D21EF-9E5E-4904-BFD7-9FCDE20759F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF842C91-84E6-420D-BAD7-74BA8E20A67C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {B24DF3CB-0138-48E7-A480-4CAAC8C5CC4D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C0751874-E2F4-4538-96B6-82ABA6B69CA5} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D5CDB498-A82C-4A36-A8F1-F7081E09D3EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E84CC73D-9796-42E7-877E-C829B0B3E64F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F153FFE2-5BCA-4633-8602-2BD34AB7A7C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F481E86A-7AD1-4AED-BF8B-481D25B33419} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{d2183c3d-2e98-4dd7-b2cc-b5cd57c84405}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{e58f97d2-6f4b-420c-8a57-d2e69ac255e3}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\Ondřej\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1043091084-1387024647-1964063134-1001 -> hxxp://google.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-02]
Edge HomePage: Default -> hxxp://google.cz/
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 1p9y6lbe.default
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\1p9y6lbe.default [2021-01-01]
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release [2021-01-02]
FF Homepage: Mozilla\Firefox\Profiles\ah0lwsrn.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\ah0lwsrn.default-release -> about:newtab
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6937.199\elevation_service.exe [1136920 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [960368 2012-12-30] (Broadcom Corporation -> Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-10-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2283984 2017-06-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-12-21] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50640 2016-09-02] (Intel(R) INTELNPG1 -> Intel Corporation)
S1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2018-12-21] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 12:40 - 2021-01-02 12:40 - 000000554 _____ C:\Users\Ondřej\Desktop\JRT.txt
2021-01-02 12:30 - 2021-01-02 12:19 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-02 12:20 - 2021-01-02 12:20 - 001790024 _____ (Malwarebytes) C:\Users\Ondřej\Desktop\JRT.exe
2021-01-02 12:19 - 2021-01-02 12:29 - 000000000 ____D C:\zoek_backup
2021-01-02 10:30 - 2021-01-02 10:30 - 000001921 _____ C:\Users\Ondřej\Desktop\IrfanView 64 Thumbnails.lnk
2021-01-02 10:30 - 2021-01-02 10:30 - 000001047 _____ C:\Users\Ondřej\Desktop\IrfanView 64.lnk
2021-01-02 10:30 - 2021-01-02 10:30 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-01-02 10:30 - 2021-01-02 10:30 - 000000000 ____D C:\Program Files\IrfanView
2021-01-02 10:00 - 2021-01-02 18:19 - 000027342 _____ C:\Users\Ondřej\Desktop\FRST.txt
2021-01-02 10:00 - 2021-01-02 18:19 - 000000000 ____D C:\FRST
2021-01-02 09:59 - 2021-01-02 09:59 - 002286592 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2021-01-01 19:45 - 2021-01-01 19:46 - 000000000 ____D C:\AdwCleaner
2021-01-01 19:06 - 2021-01-01 19:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-01 19:06 - 2021-01-01 19:10 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Mozilla
2021-01-01 18:07 - 2021-01-01 18:07 - 000137097 _____ C:\Users\Ondřej\Desktop\záložky_01.01.21.html
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Safer-Networking Ltd
2021-01-01 17:04 - 2021-01-01 18:45 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-01-01 17:04 - 2021-01-01 18:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-01-01 16:33 - 2021-01-01 16:33 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-01 16:33 - 2021-01-01 16:33 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-23 12:57 - 2021-01-02 18:13 - 000000000 ____D C:\Users\Ondřej\Documents\The Witcher 3
2020-12-23 09:01 - 2020-12-23 09:01 - 000506331 _____ C:\Users\Ondřej\Downloads\2910580472.pdf
2020-12-17 19:49 - 2020-12-17 19:49 - 000000000 ____D C:\Users\Ondřej\Desktop\MOTIVACNI DOPIS A CV
2020-12-16 19:17 - 2020-12-16 19:17 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 20:10 - 2020-12-11 20:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-11 20:09 - 2020-12-11 20:09 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 20:09 - 2020-12-11 20:09 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 17:47 - 2020-12-04 04:04 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-12-06 11:07 - 2020-12-06 11:36 - 523401072 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-02 - Smrt v oblacích.avi
2020-12-06 11:07 - 2020-12-06 11:35 - 522289950 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-01 Vraždy podle abecedy.avi
2020-12-05 19:48 - 2020-12-06 11:18 - 1671939032 _____ C:\Users\Ondřej\Desktop\Zrodila se hvězda - Zrodila sa hviezda ( A Star Is Born 2018 ) CZ titulky.avi
2020-12-05 16:20 - 2021-01-02 18:13 - 000002606 _____ C:\WINDOWS\system32\Tasks\Ondřej
2020-12-05 16:16 - 2020-12-05 16:16 - 000000222 _____ C:\Users\Ondřej\Desktop\Zaklínač 3 Divoký hon.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 18:18 - 2019-11-29 19:47 - 000000000 ____D C:\Users\Ondřej\Desktop\Opeth - In Cauda Venenum
2021-01-02 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-02 18:13 - 2020-10-15 16:26 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a2c6b09264e2
2021-01-02 18:13 - 2020-10-15 08:43 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-02 18:13 - 2020-10-15 08:43 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-02 18:13 - 2020-10-15 08:43 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-02 18:13 - 2020-10-15 08:43 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-02 18:13 - 2020-10-15 08:43 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-02 18:13 - 2020-10-15 08:43 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-02 18:13 - 2020-10-15 08:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-02 17:10 - 2017-03-23 09:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-02 17:10 - 2017-03-23 09:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-02 17:09 - 2020-10-15 08:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-02 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-02 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-02 16:54 - 2020-10-15 08:46 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-02 16:54 - 2019-12-07 15:43 - 000716706 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-02 16:54 - 2019-12-07 15:43 - 000144884 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-02 16:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-02 16:49 - 2018-07-23 19:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-02 16:47 - 2020-11-07 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-02 16:47 - 2020-10-15 08:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-02 16:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-02 16:47 - 2017-03-23 09:40 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-02 10:30 - 2017-03-23 09:32 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\IrfanView
2021-01-01 19:51 - 2020-08-13 10:22 - 000000000 ____D C:\Program Files\Google
2021-01-01 19:51 - 2017-03-23 09:32 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Google
2021-01-01 19:00 - 2017-03-23 09:30 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-01 16:33 - 2020-10-24 11:36 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-01 16:33 - 2020-10-15 08:43 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-01 16:33 - 2020-04-20 18:27 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-01 16:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-01 16:33 - 2019-01-15 19:18 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-01 16:33 - 2018-11-09 13:12 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-01 16:33 - 2018-06-23 20:17 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-01 16:33 - 2017-11-20 18:58 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-25 10:21 - 2018-05-27 09:55 - 000000000 ____D C:\Users\Ondřej\AppData\Local\D3DSCache
2020-12-25 10:15 - 2020-10-17 08:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-25 10:15 - 2017-10-22 16:17 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2020-12-25 10:15 - 2017-07-30 13:09 - 000000000 ____D C:\ProgramData\Adobe
2020-12-25 10:15 - 2017-03-23 16:22 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Adobe
2020-12-25 10:14 - 2017-03-23 10:12 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2020-12-21 15:08 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Ubisoft Game Launcher
2020-12-21 15:03 - 2019-04-19 14:25 - 000000681 _____ C:\Users\Ondřej\Desktop\Ubisoft Connect.lnk
2020-12-21 15:03 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-12-21 14:47 - 2020-06-18 12:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-21 14:47 - 2020-06-18 12:49 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 15:21 - 2020-09-06 12:08 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 09:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 04:59 - 2020-09-06 12:08 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2020-09-06 12:09 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2020-09-06 12:09 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:39 - 2020-10-15 08:36 - 000462384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 20:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-04 04:04 - 2020-09-06 12:08 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-04 04:04 - 2020-09-06 12:08 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2017-03-23 13:20 - 2017-03-23 13:20 - 000007601 _____ () C:\Users\Ondřej\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ondřej (02-01-2021 18:20:14)
Running from C:\Users\Ondřej\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-10-15 07:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1043091084-1387024647-1964063134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1043091084-1387024647-1964063134-503 - Limited - Disabled)
Guest (S-1-5-21-1043091084-1387024647-1964063134-501 - Limited - Disabled)
Ondřej (S-1-5-21-1043091084-1387024647-1964063134-1001 - Administrator - Enabled) => C:\Users\Ondřej
WDAGUtilityAccount (S-1-5-21-1043091084-1387024647-1964063134-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
ASUS Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5000 - ASUS)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6937.199 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - Broadcom Corporation (bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Caps Lock Changer 1.0 (HKLM-x32\...\Caps Lock Changer) (Version: 1.0 - Filebird.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dark Souls II Scholar of the First Sin (HKLM-x32\...\Dark Souls II Scholar of the First Sin_is1) (Version: - )
Dark Souls III The Ringed City (HKLM-x32\...\Dark Souls III The Ringed City_is1) (Version: - )
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 4 Inc. Valley of the Yetis version 1.0.0 (HKLM-x32\...\Far Cry 4 Inc. Valley of the Yetis_is1) (Version: 1.0.0 - Ubisoft)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Gothic (HKLM-x32\...\1207658682_is1) (Version: 2.1.0.7 - GOG.com)
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.14 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.08 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Ovládací panel NVIDIA 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.89 - NVIDIA Corporation) Hidden
PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8169 - Realtek Semiconductor Corp.)
RiME (HKLM-x32\...\1553712069_is1) (Version: 1.02 - GOG.com)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Smart Watermark 2.0.1.0 (HKLM-x32\...\Smart Watermark 2.0.1.0) (Version: 2.0.1.0 - Vedran Budimir Bajer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
SteelSeries Engine 3.18.15 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.15 - SteelSeries ApS)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Unravel - Version 1.0 (HKLM-x32\...\Unravel_is1) (Version: 1.0 - RePack by VickNet)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.)
Visual Watermark version 5.11 (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 5.11 - Portfoler sp. z o. o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-07-30 12:51 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2017-07-30 12:51 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000057344 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Interop.BSteelLinkLib.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000200704 _____ (ICSharpCode.net) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ICSharpCode.SharpZipLib.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-10-07 16:05 - 2016-10-07 16:05 - 000347648 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000027136 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3HeadsetPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000024064 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\PluginAbstract.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000125440 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\VoicePlugin.dll
2017-07-30 12:51 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2017-07-30 12:51 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2014-10-08 16:30 - 2014-10-08 16:30 - 000653824 _____ (TODO: <Company name>) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\BSteelLink.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1043091084-1387024647-1964063134-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2021-01-02 12:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\ASUS\Bluetooth Software\;C:\Program Files\ASUS\Bluetooth Software\syswow64;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{95CDEDA4-5C72-43AC-A2B0-66AF76F6B6AE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1A462AD2-5CF0-41F8-8BDE-7DA8587D8343}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{824A2B99-126B-4A9E-9B8B-ECB94922F70C}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{66D74262-AC14-465A-AAD2-2D3E9510CF58}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{62ABB066-6F59-4917-9180-89E5D227AA61}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{29969F94-AA8C-4D50-A096-7CD982A0E513}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{6A452FCD-AC48-41EA-B1B9-27BB9FC4F6FB}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [{81007FAB-6121-4AE8-A58E-2D528C9E66C6}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [UDP Query User{F55C5084-C204-4E6F-B882-D0F3557A62CC}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{3223C94E-7CB1-4E69-AFF8-CBC8BE072098}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{9B9B8834-96B3-40F3-8B2E-7AC535AA1532}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8233AD85-E759-44EC-9BA4-E844155A7945}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{096A46F3-5634-46BA-929F-06A0C97D987A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21B1DB04-2461-4EA5-9A72-BA6BB5E06DC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F460D8A8-E3FA-4F98-969B-BB04B51038C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F9CA237-B30F-4D44-B3BB-39EB52C399C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{C5A2674B-2A56-4355-88BC-BB6607BD46BB}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [TCP Query User{529F56D0-092E-4FCC-9BB8-BDCB2FD6C8B8}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [UDP Query User{F5AA10E0-FC3E-494B-8437-39BBB90D34EF}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{EB2CF4C9-CA33-4118-B9DD-1B91AD77B2AA}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7F11C1C7-4F49-4BC6-9EB8-623BBE9E0D05}] => (Allow) LPort=3935
FirewallRules: [{AE95CE85-4EEA-4DA3-8AA5-6CF930F4EFF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ABB64F1-28EF-4D26-84F4-5A54E0AAABF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD9C8A0A-9979-496D-9180-50F847F2076B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E63232C-A2BD-427B-8F6D-5CF84B81A33F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7251DEA8-90FA-4DDD-B9C7-D365FCB988E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8222997A-4130-4F22-96C4-CE229C3A893A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4064711F-0F71-4AEA-BC4D-ED92DEAA3076}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6E19F159-4504-4F5C-92D8-1654E7AB6C4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1287CAA5-F283-4107-AEB2-6A476C56C314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F43898EF-3271-4739-8CC7-78F89BB463E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C810C44B-CB5A-4410-BF2D-899E3CE388CE}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [UDP Query User{5684ABC4-3BE5-412D-9902-D6036FEC4CE6}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [TCP Query User{D801AB56-5562-4318-B012-2F88FF610E75}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{14D7E9CC-C15D-4728-A2F6-8ADF41F435BE}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{5CCBCEB8-559A-4BCA-8B1A-88D30A32FB90}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{FD660E02-A757-483F-8AA3-F801FF8FFE20}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{383FC98F-1B1A-4C8C-A8FB-915A24592C26}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{3C4F66AA-354C-46D8-9399-722F040A686A}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{C2E68A09-E1FB-4142-9652-C0BA30A0F3BA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EEEF40A-9094-472C-A330-D818D66C57F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C75A5296-FB12-41D2-BB4B-FA59659BFA56}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7E266DE5-95BD-45B9-B1A1-1F3F280099FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9C00763B-1D5C-48DA-9217-CE79EC1B4554}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{694997E2-C7E3-45C5-ADEC-0E716E0512F4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7C674647-4F4F-4720-AC8D-D51365CAB196}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{8B49BE04-8E15-4619-A3ED-C17BB5370D5D}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{3AC0F364-9D7D-4886-9A5F-8DDB4762709B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F7C72DA-1F5C-40F5-819A-12C42B05671C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ADC31D8-E633-4708-9DED-D2164E0BB69F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2091E9D8-524F-462D-AEF3-89AC0296DB3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{198C0C9F-EB6D-4A5E-8CC8-717463C143D0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E4015090-9DC7-433E-A842-46056FF6B7D2}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5778DDB0-3F54-4B74-ACD2-FCF9070EBC16}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{6CAF25C4-5038-428A-96BE-17571C727BF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2E4019D-23A3-4F7D-8B44-4CBB65860B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5AE8717-01A5-41C7-A701-490301F37EC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D0BB0E3-A24F-4241-8224-8CB19EA041FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{CD220340-8F62-4E97-9D83-F1DC02889D97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1EFE71C-3723-4261-AAEE-4E27CE76DEE4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01ED3183-AC12-40B2-B213-74650A85489A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50BE019A-A3D0-45B2-BD06-B2ABEE488C09}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
02-01-2021 12:19:45 zoek.exe restore point
02-01-2021 12:22:00 JRT Pre-Junkware Removal
02-01-2021 12:39:41 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/02/2021 04:48:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 04:48:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 04:48:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.44, časové razítko: 0x5949e886
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x137c
Čas spuštění chybující aplikace: 0x01d6e11ea5b5aad0
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: 67cdc6ee-5631-4abe-bde3-392778cf7aa1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/02/2021 03:35:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 03:35:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 12:38:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 12:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.44, časové razítko: 0x5949e886
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x1540
Čas spuštění chybující aplikace: 0x01d6e0fbc40f9d3f
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: 6b87a480-4e5c-4757-b25f-8655f1bbacff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/02/2021 12:38:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
System errors:
=============
Error: (01/02/2021 05:03:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (01/02/2021 04:48:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/02/2021 02:02:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETBFFP7)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 12:39:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (01/02/2021 12:39:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (01/02/2021 12:39:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (01/02/2021 12:38:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/02/2021 12:29:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2021-01-02 18:18:14.0310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:10.4960000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:10.3340000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:09.2200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:09.2070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9670000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.00 10/26/2016
Motherboard: MSI Z270 PC MATE (MS-7A72)
Processor: Intel(R) Core(TM) i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8148.79 MB
Available physical RAM: 4605.58 MB
Total Virtual: 13780.79 MB
Available Virtual: 6923.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.73 GB) (Free:27.28 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.02 GB) (Free:442.53 GB) NTFS
\\?\Volume{972b0071-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{972b0069-0000-0000-0000-10af1d000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 972B0071)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 972B0069)
Partition 1: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
==================== End of Addition.txt =======================
udělal jsem nový scan a posílam FRST + addition
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Ondřej (administrator) on DESKTOP-ETBFFP7 (MSI MS-7A72) (02-01-2021 18:19:20)
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Platform: Windows 10 Pro Version 20H2 19042.685 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe <2>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\MSI\MSIRegister\MSIRegisterService.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(SteelSeries ApS) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229280 2017-06-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [15375312 2017-06-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\MSI\MSIRegister\MSIRegister.exe [1258960 2017-05-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS) [File not signed]
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-04-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32712080 2021-01-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Ondřej] => explorer.exe hxxp://kb-ribaki.org <==== ATTENTION
HKLM\...\Print\Monitors\HP be2a Status Monitor: C:\Windows\system32\hpinkstsbe2aLM.dll [468576 2018-06-15] (Hewlett Packard -> HP Inc.)
HKLM\Software\...\AppCompatFlags\Custom\GOTHIC.EXE: [{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}.sdb] -> GOG.com Gothic
HKLM\Software\...\AppCompatFlags\InstalledSDB\{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{4ee35559-a19c-451c-a5b3-2eebf79ce4d3}.sdb [2014-04-01]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6937.199\Installer\chrmstp.exe [2020-11-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ASUS\Bluetooth Software\\BtwCP.dll [2012-12-30] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2018-12-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ASUS\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-23]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01D6A8E5-9760-4A2E-BD87-D154456E3BD2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0A4CFA9A-84A0-45CC-8273-9793B925E3E4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {1320B3E9-620A-41DC-B50C-DA33A686B615} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D493905-CE2F-4D6E-8EE1-BF283EDC08E1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
Task: {3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {4219F712-0260-4C15-9153-DDB8CC177A3F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46CA1A5A-2EF9-4D77-95B1-6B3791A565F4} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {490790B9-C935-40E2-81C6-2CBED62861FD} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {4A0F16B2-2626-437D-8769-87B7652DDCFF} - System32\Tasks\Ondřej => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ondřej /t REG_SZ /d "explorer.exe http://kb-ribaki.org" <==== ATTENTION
Task: {60C98333-38FA-4207-BAD2-B636250778AE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {60CE7CDE-1351-4ACA-9FB6-7C388C02A16D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {68307A40-4630-44EF-810A-47A041791908} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B7B4183-C378-4EBC-8463-1CC4372793F7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {6D10A509-D263-4F9D-9593-F0B358A942C7} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {732E3C95-8181-477D-9292-61ADDEE9FF57} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8124A3FD-9775-4B81-A8A6-D53BFB1F948A} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\Ondřej\AppData\Roaming\Winamp\Precomp\precomp.exe <==== ATTENTION
Task: {8CBE5A6D-DE53-4147-9643-3F2D31DD1320} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {9C1CFE87-7368-4190-8976-CEDA4A20975D} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
Task: {A71D21EF-9E5E-4904-BFD7-9FCDE20759F7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF842C91-84E6-420D-BAD7-74BA8E20A67C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {B24DF3CB-0138-48E7-A480-4CAAC8C5CC4D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C0751874-E2F4-4538-96B6-82ABA6B69CA5} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {D5CDB498-A82C-4A36-A8F1-F7081E09D3EF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E84CC73D-9796-42E7-877E-C829B0B3E64F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {F153FFE2-5BCA-4633-8602-2BD34AB7A7C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F481E86A-7AD1-4AED-BF8B-481D25B33419} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{d2183c3d-2e98-4dd7-b2cc-b5cd57c84405}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{e58f97d2-6f4b-420c-8a57-d2e69ac255e3}: [DhcpNameServer] 192.168.1.1
Edge:
======
DownloadDir: C:\Users\Ondřej\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1043091084-1387024647-1964063134-1001 -> hxxp://google.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ondřej\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-02]
Edge HomePage: Default -> hxxp://google.cz/
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 1p9y6lbe.default
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\1p9y6lbe.default [2021-01-01]
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\ah0lwsrn.default-release [2021-01-02]
FF Homepage: Mozilla\Firefox\Profiles\ah0lwsrn.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\ah0lwsrn.default-release -> about:newtab
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6937.199\elevation_service.exe [1136920 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 btwdins; C:\Program Files\ASUS\Bluetooth Software\btwdins.exe [960368 2012-12-30] (Broadcom Corporation -> Broadcom Corporation.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803952 2020-10-02] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [287720 2020-10-19] (NVIDIA Corporation -> NVIDIA)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 MSIREGISTER_MR; C:\MSI\MSIRegister\MSIRegisterService.exe [132048 2017-02-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2283984 2017-06-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SteelSeriesUpdateService; C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe [32648 2020-12-21] (SteelSeries ApS -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH -> TeamViewer GmbH)
S3 ViGEmBusUpdater; C:\Program Files\Nefarius Software Solutions\ViGEm Bus Driver\ViGEmBusUpdater.exe [888344 2019-12-28] (Nefarius Software Solutions e.U. -> Nefarius Software Solutions e.U.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2021-01-01] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\SteelBus64.sys [146944 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-03-23] (Disc Soft Ltd -> Disc Soft Ltd)
R3 NAL; C:\Windows\system32\Drivers\iqvw64e.sys [50640 2016-09-02] (Intel(R) INTELNPG1 -> Intel Corporation)
S1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel(R) Technology Access -> Intel Corporation)
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2018-10-27] (Microsoft Windows Hardware Compatibility Publisher -> SteelSeries Corporation)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2018-12-21] (SteelSeries ApS -> )
R3 sshid; C:\WINDOWS\system32\DRIVERS\sshid.sys [57440 2020-11-02] (SteelSeries ApS -> SteelSeries ApS)
S3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 12:40 - 2021-01-02 12:40 - 000000554 _____ C:\Users\Ondřej\Desktop\JRT.txt
2021-01-02 12:30 - 2021-01-02 12:19 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-01-02 12:20 - 2021-01-02 12:20 - 001790024 _____ (Malwarebytes) C:\Users\Ondřej\Desktop\JRT.exe
2021-01-02 12:19 - 2021-01-02 12:29 - 000000000 ____D C:\zoek_backup
2021-01-02 10:30 - 2021-01-02 10:30 - 000001921 _____ C:\Users\Ondřej\Desktop\IrfanView 64 Thumbnails.lnk
2021-01-02 10:30 - 2021-01-02 10:30 - 000001047 _____ C:\Users\Ondřej\Desktop\IrfanView 64.lnk
2021-01-02 10:30 - 2021-01-02 10:30 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-01-02 10:30 - 2021-01-02 10:30 - 000000000 ____D C:\Program Files\IrfanView
2021-01-02 10:00 - 2021-01-02 18:19 - 000027342 _____ C:\Users\Ondřej\Desktop\FRST.txt
2021-01-02 10:00 - 2021-01-02 18:19 - 000000000 ____D C:\FRST
2021-01-02 09:59 - 2021-01-02 09:59 - 002286592 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2021-01-01 19:45 - 2021-01-01 19:46 - 000000000 ____D C:\AdwCleaner
2021-01-01 19:06 - 2021-01-01 19:11 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-01 19:06 - 2021-01-01 19:10 - 000000000 ____D C:\Users\Ondřej\AppData\LocalLow\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Mozilla
2021-01-01 19:06 - 2021-01-01 19:06 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Mozilla
2021-01-01 18:07 - 2021-01-01 18:07 - 000137097 _____ C:\Users\Ondřej\Desktop\záložky_01.01.21.html
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2021-01-01 17:05 - 2021-01-01 17:05 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Safer-Networking Ltd
2021-01-01 17:04 - 2021-01-01 18:45 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-01-01 17:04 - 2021-01-01 18:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2021-01-01 16:33 - 2021-01-01 16:33 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-01-01 16:33 - 2021-01-01 16:33 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-23 12:57 - 2021-01-02 18:13 - 000000000 ____D C:\Users\Ondřej\Documents\The Witcher 3
2020-12-23 09:01 - 2020-12-23 09:01 - 000506331 _____ C:\Users\Ondřej\Downloads\2910580472.pdf
2020-12-17 19:49 - 2020-12-17 19:49 - 000000000 ____D C:\Users\Ondřej\Desktop\MOTIVACNI DOPIS A CV
2020-12-16 19:17 - 2020-12-16 19:17 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001786584 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001454488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001382616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-12-16 19:16 - 2020-12-12 15:29 - 001193880 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 001087704 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-16 19:16 - 2020-12-12 15:29 - 000940760 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 008261360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 002103024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001731824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001589144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001512856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6446089.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 001164528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000812784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000680856 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000672496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000657816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000559000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-12-16 19:16 - 2020-12-12 15:27 - 000547056 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 007391984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 004612504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:26 - 002731928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-12-16 19:16 - 2020-12-12 15:21 - 006070008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 20:10 - 2020-12-11 20:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 20:10 - 2020-12-11 20:10 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 20:10 - 2020-12-11 20:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 20:10 - 2020-12-11 20:10 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 20:10 - 2020-12-11 20:10 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 20:10 - 2020-12-11 20:10 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-11 20:09 - 2020-12-11 20:09 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 20:09 - 2020-12-11 20:09 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 20:09 - 2020-12-11 20:09 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 17:47 - 2020-12-04 04:04 - 000038640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2020-12-06 11:07 - 2020-12-06 11:36 - 523401072 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-02 - Smrt v oblacích.avi
2020-12-06 11:07 - 2020-12-06 11:35 - 522289950 _____ C:\Users\Ondřej\Desktop\Hercule Poirot S04-01 Vraždy podle abecedy.avi
2020-12-05 19:48 - 2020-12-06 11:18 - 1671939032 _____ C:\Users\Ondřej\Desktop\Zrodila se hvězda - Zrodila sa hviezda ( A Star Is Born 2018 ) CZ titulky.avi
2020-12-05 16:20 - 2021-01-02 18:13 - 000002606 _____ C:\WINDOWS\system32\Tasks\Ondřej
2020-12-05 16:16 - 2020-12-05 16:16 - 000000222 _____ C:\Users\Ondřej\Desktop\Zaklínač 3 Divoký hon.url
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-02 18:18 - 2019-11-29 19:47 - 000000000 ____D C:\Users\Ondřej\Desktop\Opeth - In Cauda Venenum
2021-01-02 18:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-02 18:13 - 2020-10-15 16:26 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a2c6b09264e2
2021-01-02 18:13 - 2020-10-15 08:43 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-02 18:13 - 2020-10-15 08:43 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-02 18:13 - 2020-10-15 08:43 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-02 18:13 - 2020-10-15 08:43 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-02 18:13 - 2020-10-15 08:43 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-02 18:13 - 2020-10-15 08:43 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-01-02 18:13 - 2020-10-15 08:43 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-02 18:13 - 2020-10-15 08:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-02 17:10 - 2017-03-23 09:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-02 17:10 - 2017-03-23 09:32 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-02 17:09 - 2020-10-15 08:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-02 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-02 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-02 16:54 - 2020-10-15 08:46 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-02 16:54 - 2019-12-07 15:43 - 000716706 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-02 16:54 - 2019-12-07 15:43 - 000144884 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-02 16:54 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-02 16:49 - 2018-07-23 19:38 - 000000000 ____D C:\Program Files\CCleaner
2021-01-02 16:47 - 2020-11-07 21:16 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-02 16:47 - 2020-10-15 08:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-02 16:47 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-02 16:47 - 2017-03-23 09:40 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-02 10:30 - 2017-03-23 09:32 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\IrfanView
2021-01-01 19:51 - 2020-08-13 10:22 - 000000000 ____D C:\Program Files\Google
2021-01-01 19:51 - 2017-03-23 09:32 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Google
2021-01-01 19:00 - 2017-03-23 09:30 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-01 16:33 - 2020-10-24 11:36 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-01-01 16:33 - 2020-10-15 08:43 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-01 16:33 - 2020-04-20 18:27 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-01-01 16:33 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-01 16:33 - 2019-01-15 19:18 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-01-01 16:33 - 2019-01-05 10:55 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-01-01 16:33 - 2018-11-09 13:12 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-01-01 16:33 - 2018-06-23 20:17 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-01-01 16:33 - 2017-11-20 18:58 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-01-01 16:33 - 2017-03-23 09:41 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-25 10:21 - 2018-05-27 09:55 - 000000000 ____D C:\Users\Ondřej\AppData\Local\D3DSCache
2020-12-25 10:15 - 2020-10-17 08:15 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-12-25 10:15 - 2017-10-22 16:17 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Packages
2020-12-25 10:15 - 2017-07-30 13:09 - 000000000 ____D C:\ProgramData\Adobe
2020-12-25 10:15 - 2017-03-23 16:22 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Adobe
2020-12-25 10:14 - 2017-03-23 10:12 - 000000000 ____D C:\Users\Ondřej\AppData\Local\CrashDumps
2020-12-21 15:08 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Local\Ubisoft Game Launcher
2020-12-21 15:03 - 2019-04-19 14:25 - 000000681 _____ C:\Users\Ondřej\Desktop\Ubisoft Connect.lnk
2020-12-21 15:03 - 2019-04-19 14:25 - 000000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2020-12-21 14:47 - 2020-06-18 12:49 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-21 14:47 - 2020-06-18 12:49 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 15:21 - 2020-09-06 12:08 - 007114256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-12-12 09:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-12 04:59 - 2020-09-06 12:08 - 000060811 _____ C:\WINDOWS\system32\nvinfo.pb
2020-12-12 00:55 - 2020-09-06 12:09 - 009371667 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-12-12 00:55 - 2020-09-06 12:09 - 005622072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 002636776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000992232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-12-12 00:55 - 2020-09-06 12:09 - 000083256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-12-11 20:39 - 2020-10-15 08:36 - 000462384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 20:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 20:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-04 04:04 - 2020-09-06 12:08 - 001682376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2020-12-04 04:04 - 2020-09-06 12:08 - 000135592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
==================== Files in the root of some directories ========
2017-03-23 13:20 - 2017-03-23 13:20 - 000007601 _____ () C:\Users\Ondřej\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ondřej (02-01-2021 18:20:14)
Running from C:\Users\Ondřej\Desktop
Windows 10 Pro Version 20H2 19042.685 (X64) (2020-10-15 07:43:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1043091084-1387024647-1964063134-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1043091084-1387024647-1964063134-503 - Limited - Disabled)
Guest (S-1-5-21-1043091084-1387024647-1964063134-501 - Limited - Disabled)
Ondřej (S-1-5-21-1043091084-1387024647-1964063134-1001 - Administrator - Enabled) => C:\Users\Ondřej
WDAGUtilityAccount (S-1-5-21-1043091084-1387024647-1964063134-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\uTorrent) (Version: 3.5.5.45790 - BitTorrent Inc.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
ASUS Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.5000 - ASUS)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 86.1.6937.199 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Balíček ovladače systému Windows - Broadcom Corporation (bcbtums) Bluetooth (07/14/2015 12.0.1.658) (HKLM\...\BABE4E18F2E0DA329C1139E5584082BBE6F64E5F) (Version: 07/14/2015 12.0.1.658 - Broadcom Corporation)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Caps Lock Changer 1.0 (HKLM-x32\...\Caps Lock Changer) (Version: 1.0 - Filebird.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dark Souls II Scholar of the First Sin (HKLM-x32\...\Dark Souls II Scholar of the First Sin_is1) (Version: - )
Dark Souls III The Ringed City (HKLM-x32\...\Dark Souls III The Ringed City_is1) (Version: - )
Dauntless (HKLM\...\{03AFDFA7-7A23-41B1-AAC2-3898591127D3}) (Version: 1.00.0000 - Phoenix Labs)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 4 Inc. Valley of the Yetis version 1.0.0 (HKLM-x32\...\Far Cry 4 Inc. Valley of the Yetis_is1) (Version: 1.0.0 - Ubisoft)
Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Gothic (HKLM-x32\...\1207658682_is1) (Version: 2.1.0.7 - GOG.com)
CHUCHEL (HKLM-x32\...\1825910123_is1) (Version: 1.0.0 - GOG.com)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1004 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\OneDriveSetup.exe) (Version: 20.124.0621.0006 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.14 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.08 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenOffice 4.1.4 (HKLM-x32\...\{726F81BD-FECF-412D-917B-F237CD6C8FFE}) (Version: 4.14.9787 - Apache Software Foundation)
Ovládací panel NVIDIA 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 460.89 - NVIDIA Corporation) Hidden
PDF24 Creator 9.2.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 9.2.2 - PDF24.org)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8169 - Realtek Semiconductor Corp.)
RiME (HKLM-x32\...\1553712069_is1) (Version: 1.02 - GOG.com)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype verze 8.44 (HKLM-x32\...\Skype_is1) (Version: 8.44 - Skype Technologies S.A.)
Smart Watermark 2.0.1.0 (HKLM-x32\...\Smart Watermark 2.0.1.0) (Version: 2.0.1.0 - Vedran Budimir Bajer)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
SteelSeries Engine 3.18.15 (HKLM\...\SteelSeries Engine 3) (Version: 3.18.15 - SteelSeries ApS)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
The Elder Scrolls V Skyrim Special Edition verze 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version: 1.00 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 85.1 - Ubisoft)
Unravel - Version 1.0 (HKLM-x32\...\Unravel_is1) (Version: 1.0 - RePack by VickNet)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
ViGEm Bus Driver (HKLM\...\{4030BA52-E312-462E-B020-CCB5A2AC5497}) (Version: 1.16.116 - Nefarius Software Solutions e.U.)
Visual Watermark version 5.11 (HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\{ADD0F13D-4EB0-4324-AF83-24870EC44BF6}_is1) (Version: 5.11 - Portfoler sp. z o. o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-21] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-15] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-07-30 12:51 - 2014-04-09 05:25 - 000071680 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssmp3.asi
2017-07-30 12:51 - 2014-04-09 05:25 - 000153088 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\mssvoice.asi
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000057344 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Interop.BSteelLinkLib.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2019-12-23 17:49 - 2019-12-23 17:49 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000200704 _____ (ICSharpCode.net) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\ICSharpCode.SharpZipLib.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-10-07 16:05 - 2016-10-07 16:05 - 000347648 _____ (Intel(R) Corporation) [File not signed] C:\Windows\system32\NCS2Setp.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000027136 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\D3HeadsetPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000024064 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\PluginAbstract.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000125440 _____ (Protolog Systems Ltd.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\VoicePlugin.dll
2017-07-30 12:51 - 2014-05-03 02:16 - 000440320 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mss32.DLL
2017-07-30 12:51 - 2014-04-09 05:25 - 000055296 _____ (RAD Game Tools, Inc.) [File not signed] C:\Program Files (x86)\Steam\bin\mssdsp.flt
2014-10-08 16:30 - 2014-10-08 16:30 - 000653824 _____ (TODO: <Company name>) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\BSteelLink.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-1043091084-1387024647-1964063134-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-10-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2021-01-02 12:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\ASUS\Bluetooth Software\;C:\Program Files\ASUS\Bluetooth Software\syswow64;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Roaming\IrfanView\IrfanView_Wallpaper.png
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{95CDEDA4-5C72-43AC-A2B0-66AF76F6B6AE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{1A462AD2-5CF0-41F8-8BDE-7DA8587D8343}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{824A2B99-126B-4A9E-9B8B-ECB94922F70C}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{66D74262-AC14-465A-AAD2-2D3E9510CF58}] => (Allow) D:\STEAM\steamapps\common\Jump King\JumpKing.exe () [File not signed]
FirewallRules: [{62ABB066-6F59-4917-9180-89E5D227AA61}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{29969F94-AA8C-4D50-A096-7CD982A0E513}] => (Allow) D:\STEAM\steamapps\common\Horizon Zero Dawn\HorizonZeroDawn.exe () [File not signed]
FirewallRules: [{6A452FCD-AC48-41EA-B1B9-27BB9FC4F6FB}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [{81007FAB-6121-4AE8-A58E-2D528C9E66C6}] => (Allow) D:\STEAM\steamapps\common\Outward\Outward.exe () [File not signed]
FirewallRules: [UDP Query User{F55C5084-C204-4E6F-B882-D0F3557A62CC}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{3223C94E-7CB1-4E69-AFF8-CBC8BE072098}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{9B9B8834-96B3-40F3-8B2E-7AC535AA1532}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{8233AD85-E759-44EC-9BA4-E844155A7945}] => (Allow) D:\STEAM\steamapps\common\Monster Hunter World\MonsterHunterWorld.exe (CAPCOM CO., LTD. -> CAPCOM CO., LTD.)
FirewallRules: [{096A46F3-5634-46BA-929F-06A0C97D987A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{21B1DB04-2461-4EA5-9A72-BA6BB5E06DC1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F460D8A8-E3FA-4F98-969B-BB04B51038C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5F9CA237-B30F-4D44-B3BB-39EB52C399C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{C5A2674B-2A56-4355-88BC-BB6607BD46BB}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [TCP Query User{529F56D0-092E-4FCC-9BB8-BDCB2FD6C8B8}D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe] => (Allow) D:\hry\rime\sirengame\binaries\win64\sirengame-win64-shipping.exe (Six Foot, LLC -> )
FirewallRules: [UDP Query User{F5AA10E0-FC3E-494B-8437-39BBB90D34EF}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{EB2CF4C9-CA33-4118-B9DD-1B91AD77B2AA}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7F11C1C7-4F49-4BC6-9EB8-623BBE9E0D05}] => (Allow) LPort=3935
FirewallRules: [{AE95CE85-4EEA-4DA3-8AA5-6CF930F4EFF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ABB64F1-28EF-4D26-84F4-5A54E0AAABF3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD9C8A0A-9979-496D-9180-50F847F2076B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9E63232C-A2BD-427B-8F6D-5CF84B81A33F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7251DEA8-90FA-4DDD-B9C7-D365FCB988E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8222997A-4130-4F22-96C4-CE229C3A893A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4064711F-0F71-4AEA-BC4D-ED92DEAA3076}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6E19F159-4504-4F5C-92D8-1654E7AB6C4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1287CAA5-F283-4107-AEB2-6A476C56C314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F43898EF-3271-4739-8CC7-78F89BB463E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{C810C44B-CB5A-4410-BF2D-899E3CE388CE}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [UDP Query User{5684ABC4-3BE5-412D-9902-D6036FEC4CE6}D:\hry\doom\doomx64.exe] => (Allow) D:\hry\doom\doomx64.exe (id Software) [File not signed]
FirewallRules: [TCP Query User{D801AB56-5562-4318-B012-2F88FF610E75}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{14D7E9CC-C15D-4728-A2F6-8ADF41F435BE}D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe] => (Allow) D:\hry\far cry 4 inc. valley of the yetis\bin\farcry4.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [TCP Query User{5CCBCEB8-559A-4BCA-8B1A-88D30A32FB90}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [UDP Query User{FD660E02-A757-483F-8AA3-F801FF8FFE20}D:\hry\far cry primal\bin\fcprimal.exe] => (Block) D:\hry\far cry primal\bin\fcprimal.exe (UBISOFT ENTERTAINMENT INC. -> Ubisoft Entertainment)
FirewallRules: [{383FC98F-1B1A-4C8C-A8FB-915A24592C26}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{3C4F66AA-354C-46D8-9399-722F040A686A}] => (Allow) D:\STEAM\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{C2E68A09-E1FB-4142-9652-C0BA30A0F3BA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EEEF40A-9094-472C-A330-D818D66C57F5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{C75A5296-FB12-41D2-BB4B-FA59659BFA56}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{7E266DE5-95BD-45B9-B1A1-1F3F280099FC}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{9C00763B-1D5C-48DA-9217-CE79EC1B4554}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{694997E2-C7E3-45C5-ADEC-0E716E0512F4}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7C674647-4F4F-4720-AC8D-D51365CAB196}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [UDP Query User{8B49BE04-8E15-4619-A3ED-C17BB5370D5D}C:\program files\java\jre1.8.0_271\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_271\bin\javaw.exe
FirewallRules: [{3AC0F364-9D7D-4886-9A5F-8DDB4762709B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F7C72DA-1F5C-40F5-819A-12C42B05671C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4ADC31D8-E633-4708-9DED-D2164E0BB69F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2091E9D8-524F-462D-AEF3-89AC0296DB3E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{198C0C9F-EB6D-4A5E-8CC8-717463C143D0}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E4015090-9DC7-433E-A842-46056FF6B7D2}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{5778DDB0-3F54-4B74-ACD2-FCF9070EBC16}] => (Allow) D:\STEAM\steamapps\common\The Witcher 3\bin\x64\witcher3.exe (CD Projekt Red) [File not signed]
FirewallRules: [{6CAF25C4-5038-428A-96BE-17571C727BF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2E4019D-23A3-4F7D-8B44-4CBB65860B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A5AE8717-01A5-41C7-A701-490301F37EC6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5D0BB0E3-A24F-4241-8224-8CB19EA041FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{CD220340-8F62-4E97-9D83-F1DC02889D97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1EFE71C-3723-4261-AAEE-4E27CE76DEE4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01ED3183-AC12-40B2-B213-74650A85489A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50BE019A-A3D0-45B2-BD06-B2ABEE488C09}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
02-01-2021 12:19:45 zoek.exe restore point
02-01-2021 12:22:00 JRT Pre-Junkware Removal
02-01-2021 12:39:41 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/02/2021 04:48:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 04:48:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 04:48:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.44, časové razítko: 0x5949e886
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x137c
Čas spuštění chybující aplikace: 0x01d6e11ea5b5aad0
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: 67cdc6ee-5631-4abe-bde3-392778cf7aa1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/02/2021 03:35:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 03:35:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 12:38:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
Error: (01/02/2021 12:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LiveUpdate_Service.exe, verze: 1.0.0.44, časové razítko: 0x5949e886
Název chybujícího modulu: NDA.dll_unloaded, verze: 1.0.0.15, časové razítko: 0x581aa4cc
Kód výjimky: 0xc0000005
Posun chyby: 0x000f650e
ID chybujícího procesu: 0x1540
Čas spuštění chybující aplikace: 0x01d6e0fbc40f9d3f
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
Cesta k chybujícímu modulu: NDA.dll
ID zprávy: 6b87a480-4e5c-4757-b25f-8655f1bbacff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/02/2021 12:38:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_ca04af081b815d21.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627.manifest.
System errors:
=============
Error: (01/02/2021 05:03:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (01/02/2021 04:48:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/02/2021 02:02:04 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ETBFFP7)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 12:39:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (01/02/2021 12:39:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (01/02/2021 12:39:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (01/02/2021 12:38:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI Live Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (01/02/2021 12:29:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
CodeIntegrity:
===================================
Date: 2021-01-02 18:18:14.0310000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:10.4960000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:10.3340000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:09.2200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:09.2070000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9670000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2021-01-02 18:18:08.9230000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 1.00 10/26/2016
Motherboard: MSI Z270 PC MATE (MS-7A72)
Processor: Intel(R) Core(TM) i5-7600K CPU @ 3.80GHz
Percentage of memory in use: 43%
Total physical RAM: 8148.79 MB
Available physical RAM: 4605.58 MB
Total Virtual: 13780.79 MB
Available Virtual: 6923.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.73 GB) (Free:27.28 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.02 GB) (Free:442.53 GB) NTFS
\\?\Volume{972b0071-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{972b0069-0000-0000-0000-10af1d000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 972B0071)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: 972B0069)
Partition 1: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Ondřej] => explorer.exe hxxp://kb-ribaki.org <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-23]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {490790B9-C935-40E2-81C6-2CBED62861FD} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {4A0F16B2-2626-437D-8769-87B7652DDCFF} - System32\Tasks\Ondřej => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ondřej /t REG_SZ /d "explorer.exe http://kb-ribaki.org" <==== ATTENTION
Task: {60C98333-38FA-4207-BAD2-B636250778AE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {732E3C95-8181-477D-9292-61ADDEE9FF57} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8124A3FD-9775-4B81-A8A6-D53BFB1F948A} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\Ondřej\AppData\Roaming\Winamp\Precomp\precomp.exe <==== ATTENTION
Task: {96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {9C1CFE87-7368-4190-8976-CEDA4A20975D} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pup up add v prohližeči?
posilam fixlog a dodavam info, ze po restartu PC se prohlizec neotevrel
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ondřej (02-01-2021 19:15:29) Run:1
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Ondřej] => explorer.exe hxxp://kb-ribaki.org <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-23]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {490790B9-C935-40E2-81C6-2CBED62861FD} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {4A0F16B2-2626-437D-8769-87B7652DDCFF} - System32\Tasks\Ondřej => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ondřej /t REG_SZ /d "explorer.exe http://kb-ribaki.org" <==== ATTENTION
Task: {60C98333-38FA-4207-BAD2-B636250778AE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {732E3C95-8181-477D-9292-61ADDEE9FF57} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8124A3FD-9775-4B81-A8A6-D53BFB1F948A} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\Ondřej\AppData\Roaming\Winamp\Precomp\precomp.exe <==== ATTENTION
Task: {96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {9C1CFE87-7368-4190-8976-CEDA4A20975D} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ondřej" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{490790B9-C935-40E2-81C6-2CBED62861FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{490790B9-C935-40E2-81C6-2CBED62861FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4A0F16B2-2626-437D-8769-87B7652DDCFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0F16B2-2626-437D-8769-87B7652DDCFF}" => removed successfully
C:\WINDOWS\System32\Tasks\Ondřej => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ondřej" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60C98333-38FA-4207-BAD2-B636250778AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60C98333-38FA-4207-BAD2-B636250778AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{732E3C95-8181-477D-9292-61ADDEE9FF57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{732E3C95-8181-477D-9292-61ADDEE9FF57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8124A3FD-9775-4B81-A8A6-D53BFB1F948A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8124A3FD-9775-4B81-A8A6-D53BFB1F948A}" => removed successfully
C:\WINDOWS\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D201824E-7SP1-4321-8GH5-LA32311B16CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C1CFE87-7368-4190-8976-CEDA4A20975D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C1CFE87-7368-4190-8976-CEDA4A20975D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24436049 B
Java, Flash, Steam htmlcache => 388046469 B
Windows/system/drivers => 18020686 B
Edge => 32768 B
Chrome => 0 B
Firefox => 32410374 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 40690 B
NetworkService => 40690 B
Ondřej => 6620364 B
RecycleBin => 0 B
EmptyTemp: => 457.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:37 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ondřej (02-01-2021 19:15:29) Run:1
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\...\Run: [Ondřej] => explorer.exe hxxp://kb-ribaki.org <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2020-12-23]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {490790B9-C935-40E2-81C6-2CBED62861FD} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {4A0F16B2-2626-437D-8769-87B7652DDCFF} - System32\Tasks\Ondřej => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Ondřej /t REG_SZ /d "explorer.exe http://kb-ribaki.org" <==== ATTENTION
Task: {60C98333-38FA-4207-BAD2-B636250778AE} - \Avast Secure Browser Heartbeat Task (Logon) -> No File <==== ATTENTION
Task: {732E3C95-8181-477D-9292-61ADDEE9FF57} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8124A3FD-9775-4B81-A8A6-D53BFB1F948A} - System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => C:\Users\Ondřej\AppData\Roaming\Winamp\Precomp\precomp.exe <==== ATTENTION
Task: {96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-23] (Google Inc -> Google Inc.)
Task: {9C1CFE87-7368-4190-8976-CEDA4A20975D} - \Avast Secure Browser Heartbeat Task (Hourly) -> No File <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1043091084-1387024647-1964063134-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Ondřej" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3DE46E3E-9DB2-4F2A-BD6C-49ED2C1817C9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{490790B9-C935-40E2-81C6-2CBED62861FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{490790B9-C935-40E2-81C6-2CBED62861FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4A0F16B2-2626-437D-8769-87B7652DDCFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0F16B2-2626-437D-8769-87B7652DDCFF}" => removed successfully
C:\WINDOWS\System32\Tasks\Ondřej => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Ondřej" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{60C98333-38FA-4207-BAD2-B636250778AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60C98333-38FA-4207-BAD2-B636250778AE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Logon)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{732E3C95-8181-477D-9292-61ADDEE9FF57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{732E3C95-8181-477D-9292-61ADDEE9FF57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AvastUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7D35A1ED-C713-49F6-B2A9-CCFC8693BCA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8124A3FD-9775-4B81-A8A6-D53BFB1F948A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8124A3FD-9775-4B81-A8A6-D53BFB1F948A}" => removed successfully
C:\WINDOWS\System32\Tasks\{D201824E-7SP1-4321-8GH5-LA32311B16CA} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D201824E-7SP1-4321-8GH5-LA32311B16CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96590DF9-D3C6-47C3-B4B4-2AE3E34EADA3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C1CFE87-7368-4190-8976-CEDA4A20975D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C1CFE87-7368-4190-8976-CEDA4A20975D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Secure Browser Heartbeat Task (Hourly)" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BD3CA6C0-8C06-48AE-AC36-7FDAFB21417C}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24436049 B
Java, Flash, Steam htmlcache => 388046469 B
Windows/system/drivers => 18020686 B
Edge => 32768 B
Chrome => 0 B
Firefox => 32410374 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 40690 B
NetworkService => 40690 B
Ondřej => 6620364 B
RecycleBin => 0 B
EmptyTemp: => 457.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:37 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
Vše bylo smazáno, PC by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pup up add v prohližeči?
V tom případě mnohokrát děkuji za Váš čas a pomoc.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pup up add v prohližeči?
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?