==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [Discord] => C:\Users\Lukas\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\HP LaserJet P1006 Language Monitor: C:\Windows\system32\HP1006LM.DLL [403968 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\Installer\chrmstp.exe [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05CE2B1D-4CA1-40F1-BE2E-0AF3519236D3} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {12BE066F-3BA9-4BF1-8B18-DD719BACABC0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1368500D-8B19-432A-8019-36D9320B21EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {1F5362A4-8371-44F8-AFD6-9BECA64FC2EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {256A0FA2-32AC-4DA2-8560-C75B130C796F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {279C8BE9-7188-4CD9-A715-B0EA8815669C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28213E32-DFD5-4863-9260-456DBE138981} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3018344C-C562-4440-8011-AC90C367E2F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31C6A98D-D996-40A7-90CD-76E243AEE9B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {383F93E8-D9EE-43BC-AC15-E46822051BFB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40021C5E-1DA8-4509-A2C3-739A54C1A34E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {40DE1DAF-42B2-42C1-B695-D113F9EBB8EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {40F2D3DE-BF50-48A4-9A3E-DA749549AD5C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45418CD5-31D8-4BF2-8A4D-C250F58D6354} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A93DDDE-5185-4BC5-8E63-1902D9333EA0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {50F0465A-3531-47E8-90EE-03031944ECEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {54523AA1-B933-435A-8BA3-252B0C1DCE16} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60611B09-06CD-49F9-832D-FD17EC7C8A88} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {65387174-644C-4230-974C-0F526C22E7AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {653D566F-3399-400B-B413-5C4C85713B4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6585C4E3-5626-487E-9445-28CAE05091B1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69D21B5D-836A-4B25-A4D0-FBECFC08629A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6D203447-CE1A-46C1-83AA-20E07DE94764} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {73681010-AB11-4F29-831C-80310566C9D4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7437CD26-DE57-48D7-8230-F73384F750CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {77CA03A1-A407-422C-AF46-C28095940FD1} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7998CCAC-DB20-4454-984B-D33772809E55} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7AD217A0-EF1B-40CE-B8CA-1C435A279BC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C91B1FD-6B36-43CF-A983-A99D0F7274DD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {84814F73-9C30-4539-9495-4ED3D2E5D4C9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85BF30FB-C4C0-497B-A8D6-B1815E95543F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D8F8D8-DC7C-4EC0-9AC1-6A44FA05EAC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {898C7DF5-B7EC-45D2-A485-4737ADC28793} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {92AD968A-97CA-4BA0-8D72-27FFFADE6E41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {93BE425F-F957-47A1-8A23-298A95A580EE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {93EE2C40-F5E8-4475-A3D9-F8A5568BDBCF} - System32\Tasks\vypnutí PC => C:\Windows\System32\Shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {961D7EF2-6EF1-438C-AACA-13EF19E51B04} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {96F4DCDE-2D23-47EA-96EC-E2C3407FF5D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A1ECFBE8-CF2D-4AF0-869B-B445B0BEAD21} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A728FA1C-009B-4A50-BEA6-EE44AABAB25B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7DF6CDB-D1B2-47B4-B561-B47D45F1E725} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB797031-2B1E-4A89-8BFF-61E8D6D7AF2E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-10] (Adobe Inc. -> Adobe)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {C69DD1B6-E128-47D2-A1C3-EDB50737FB0B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7DD3BB9-D0C2-4B17-8BAB-5B5CD99C3CE2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB0EDB87-11A8-4CCD-8BF4-0BEDAA62043A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CDF94340-F01C-4E81-ACE4-A50F49BDBB85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {D23F6C49-19F0-48CA-B81E-756EF5C39816} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D6710684-D3A4-4E70-9553-13F93C18FDC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE32B89D-77B7-4640-A7AC-FDDD91436FB5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF9B86DB-13FD-4811-8976-A30F54CECF76} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {E8C20F06-C8BF-416C-BFF4-53E12F099CE9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8EEFC0E-6466-4364-9BA4-3709CC6D1364} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE8BC8AF-C089-4CD2-ABCB-65A92899130E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6eb17d81-3f3b-441e-8645-a94c2aebdc34}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BA5FFC89-EFF1-48C9-B27F-3182ECAC2349}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c32a0f60-2d9d-4c0d-a98d-917a99d86f8f}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lukas\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-10]
FireFox:
========
FF DefaultProfile: d6l8lr9m.default
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\d6l8lr9m.default [2021-02-26]
FF Session Restore: Mozilla\Firefox\Profiles\d6l8lr9m.default -> is enabled.
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2021-02-26]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.4camping.cz; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://search.babylon.com/?affID=112555&tt=010712_1&babsrc=HP_ss&mntrId=fa9065f6000000000000f4ec3888e107","hxxp://start.facemoods.com/?a=ddrnw","www.google.com","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (James White) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-04-24]
CHR Extension: (Dota 2 Stream Browser) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip [2020-05-12]
CHR Extension: (Tampermonkey) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-24]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (sFTP Client) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jajcoljhdglkjpfefjkgiohbhnkkmipm [2020-04-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\elevation_service.exe [1456376 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [254528 2017-01-28] (DT Soft Ltd -> DT Soft Ltd)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2020-02-08] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:10 - 2021-02-26 16:10 - 000024992 _____ C:\Users\Lukas\Desktop\FRST.txt
2021-02-26 16:07 - 2021-02-26 16:07 - 002301440 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2021-02-26 15:57 - 2021-02-26 16:10 - 000000000 ____D C:\FRST
2021-02-24 17:43 - 2021-02-24 17:43 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-24 17:43 - 2021-02-24 17:43 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-18 09:55 - 2021-02-18 09:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-16 08:02 - 2021-02-26 16:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:06 - 2021-02-13 13:26 - 000000000 ____D C:\Users\Lukas\Documents\Path of Building
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\Desktop\Path of Building Community.lnk
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Path of Building Community.lnk
2021-02-12 08:55 - 2021-02-12 09:28 - 000554736 _____ C:\Users\Lukas\Desktop\A210113_VEN_004_DANE_2020_VELKY1.XLSX
2021-02-10 18:49 - 2021-02-10 18:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 18:48 - 2021-02-10 18:48 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 18:48 - 2021-02-10 18:48 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 16:18 - 2021-02-10 16:18 - 000209338 _____ C:\Users\Lukas\Desktop\Vypis_poplatku_z_uctu_0-1753509033_z_2020.pdf
2021-02-10 16:17 - 2021-02-10 16:17 - 000120914 _____ C:\Users\Lukas\Desktop\Vypis_z_uctu_0-1753509033_z_20210131.pdf
2021-01-30 09:20 - 2021-01-30 09:20 - 000059966 _____ C:\Users\Lukas\Desktop\EDAZ-1TP9648_20210130_10ca7a72-20fb-419a-9bec-cbfc51c76116.pdf
2021-01-29 13:03 - 2021-01-29 13:04 - 072548880 _____ C:\Users\Lukas\Desktop\torbrowser-install-win64-10.0.9_en-US.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-26 16:08 - 2015-12-23 10:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-26 16:08 - 2015-12-23 10:19 - 000000000 ____D C:\Program Files\CCleaner
2021-02-26 16:07 - 2015-12-22 10:01 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-26 16:06 - 2020-10-16 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 16:06 - 2020-02-16 15:17 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-26 16:06 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-02-26 16:06 - 2017-06-16 09:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 16:06 - 2015-12-23 10:30 - 000000000 __SHD C:\Users\Lukas\IntelGraphicsProfiles
2021-02-26 16:06 - 2015-12-21 22:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-26 16:05 - 2020-10-17 10:51 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a3a4df2170fc
2021-02-26 16:05 - 2020-10-16 11:15 - 000003828 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-02-26 16:05 - 2020-10-16 11:15 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-26 16:05 - 2020-10-16 11:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 16:05 - 2020-10-16 11:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 16:05 - 2020-10-16 11:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-26 16:05 - 2020-10-16 11:15 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-26 16:05 - 2020-10-16 11:15 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-26 16:05 - 2020-10-16 11:15 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-26 16:05 - 2020-10-16 11:15 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1673955461-2077084812-692843474-1000
2021-02-26 16:05 - 2020-10-16 11:15 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:05 - 2020-10-16 11:15 - 000002298 _____ C:\WINDOWS\system32\Tasks\vypnutí PC
2021-02-26 16:05 - 2020-10-16 11:15 - 000002290 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-26 16:00 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-26 15:53 - 2017-06-16 09:33 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Mozilla
2021-02-26 14:10 - 2015-12-21 22:00 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 14:05 - 2019-06-11 08:51 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-26 14:04 - 2020-10-16 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-25 20:23 - 2018-04-05 07:02 - 000000000 ____D C:\Users\Lukas\AppData\Local\AVAST Software
2021-02-25 19:58 - 2018-09-21 12:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-25 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-24 18:55 - 2020-10-16 11:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-24 17:43 - 2020-10-17 10:55 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 17:43 - 2020-10-16 11:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 17:43 - 2020-04-08 07:29 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 17:43 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-24 17:43 - 2019-01-14 15:57 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 17:43 - 2018-10-21 18:27 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 17:43 - 2017-11-17 12:23 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-23 13:56 - 2020-10-04 07:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-23 13:54 - 2018-04-05 07:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-19 22:57 - 2015-12-22 11:05 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2021-02-19 08:50 - 2020-06-06 07:12 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-18 09:55 - 2017-06-16 09:33 - 000001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-15 14:41 - 2020-03-19 09:49 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\.minecraft
2021-02-15 13:36 - 2020-12-26 20:22 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-12 08:31 - 2019-08-30 04:23 - 000002535 _____ C:\Users\Lukas\Desktop\Avast Secure Browser.lnk
2021-02-11 17:08 - 2020-10-16 11:17 - 001796828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-11 17:08 - 2019-12-07 15:41 - 000750852 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-11 17:08 - 2019-12-07 15:41 - 000162426 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-10 20:24 - 2020-10-16 11:06 - 000341800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 20:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 18:43 - 2020-02-08 15:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 18:41 - 2020-02-08 15:14 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 15:54 - 2020-10-16 11:09 - 000002399 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 15:54 - 2020-02-08 14:41 - 000000000 ___RD C:\Users\Lukas\OneDrive
2021-02-05 20:04 - 2020-10-04 07:43 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-10-04 07:43 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-05 11:14 - 2020-10-17 16:52 - 000000000 ____D C:\Users\Lukas\Desktop\Luky
2021-02-03 10:15 - 2020-11-02 18:51 - 000000000 ____D C:\Users\Lukas\Desktop\Odpory
2021-01-29 12:52 - 2020-02-08 14:39 - 000000000 ____D C:\Users\Lukas\AppData\Local\Packages
2021-01-28 21:48 - 2020-10-16 11:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 21:46 - 2018-02-02 21:00 - 000000000 ____D C:\Users\Lukas\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-18 15:19 - 2020-03-21 12:45 - 000007614 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Lukas (26-02-2021 16:11:34)
Running from C:\Users\Lukas\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-16 10:15:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1673955461-2077084812-692843474-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1673955461-2077084812-692843474-503 - Limited - Disabled)
Guest (S-1-5-21-1673955461-2077084812-692843474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1673955461-2077084812-692843474-1002 - Limited - Enabled)
Lukas (S-1-5-21-1673955461-2077084812-692843474-1000 - Administrator - Enabled) => C:\Users\Lukas
WDAGUtilityAccount (S-1-5-21-1673955461-2077084812-692843474-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACD/Labs 2020 Freeware in C:\Program Files\ACD64FREE\ (HKLM\...\ACDLabs in C__Program_Files_ACD64FREE_) (Version: v14.00, FREE - ACD/Labs)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.1.8016.150 - Autoři prohlížeče Avast Secure Browser)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Discord (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Discord) (Version: 0.0.308 - Discord Inc.)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Název společnosti:)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LibreOffice 5.0.4.2 (HKLM-x32\...\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}) (Version: 5.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
Path of Building Community (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Path of Building Community) (Version: 1.4.170.26 - Path of Building Community)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.10.0.15618 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{c0dabb4b-9e10-40cf-b8b3-c93a91f40a7a}) (Version: 3.10.0.15618 - Grinding Gear Games)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\sFTP Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jajcoljhdglkjpfefjkgiohbhnkkmipm
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123simsen.com -> www.123simsen.com
There are 7942 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-02-20 05:18 - 000454582 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15603 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\Control Panel\Desktop\\Wallpaper -> d:\obrázky\plocha\tapety\cerna 180.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{58A7F77E-85CA-4258-B460-A4CFEE062CAC}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{E1D5040C-ACDE-41B6-83CA-27C39CCA7560}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{D3D77237-4B96-42DB-90AD-550447579D8E}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{A844AD94-086F-4148-87E9-32224F1E3EFD}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{B86D357C-0CBB-47C0-8392-0A2A17B9C899}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6ABE639D-BF6F-41F4-BD3F-BBD71FCE07B4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
FirewallRules: [UDP Query User{93AC18C4-792E-4058-B774-A16A9B0E937A}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{258FEDA5-CDEA-42BB-B507-CE5D5E4221D1}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{163A98BC-20B3-4F91-8A02-4200CD9780AF}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{6EB69322-DCF5-413F-81F8-9E1FF7C7261B}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FDD6575A-8620-4988-B355-E11498702844}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{221382F6-8489-4F6D-95D7-CDB7C552FC87}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{3304E220-578F-49A5-945E-A8638566190B}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C338FBF3-7159-43B8-A960-40955FE8FCCF}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C5A9ABCA-4AA6-4147-B237-86C36B0D1721}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF724FCD-26FE-4133-A3D3-0A5DB4C2C51D}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5FD744D7-E4E4-41B4-9F2E-0D31A42D8C6D}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4A17CB4E-B674-449E-910B-B4F44720D75E}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C61C61FB-D4B7-434D-969E-94CC9C948065}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{513105E1-E25A-46CC-9CBA-0149F8DCF757}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{95E64304-5FC4-4AC6-B200-CEA223A8FCC4}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{433D1776-D2F1-4699-BDAA-B91B2BCC4C97}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B6D468E-33E5-4DAD-BA02-2C09359F9363}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{1150FA98-0C58-4691-9B70-8C35BDDF5C75}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{1DA98DC0-E605-4B2D-92ED-5A2111774818}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C3A85FD-2A16-47D1-9586-62053E926F9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{592C5AE5-6B91-447C-B373-E98614D3C8D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E8CCECC-C2F7-407F-BC0A-FF199BFAE45F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FA8C5C3-63E9-4704-9F86-23A5CEBC5AF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3CBD7BD-7B83-4406-8BD2-1494B0D186F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{046FFD4D-5EEA-442B-9A31-3997375B3DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A71A7F2-7E46-49A9-8B55-992D76405317}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E32D770C-4A27-407E-8630-8321FDF72EA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7D9A464-861F-4356-BCED-17BF6FB13929}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{519EF54A-44E2-4282-9BFE-CA920D2F76DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EFC1A75-C2D8-4CA0-951E-5488AA17E723}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9458C19-90A2-4EF7-B6E1-FF4D20B1B8F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CC2835E-A615-47B5-9E33-540C41DA4185}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16052CE1-EE02-42DD-83EC-465E28237574}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{484506CB-026D-4218-971A-F9F5CB877C4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:111.04 GB) (Free:23.03 GB) (21%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/26/2021 04:06:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/20/2021 09:17:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.20112.1011.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 32f8
Čas spuštění: 01d707c5510e01a2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe
ID hlášení: ae256754-dbbd-46d9-bf90-d65fbbc3bf3f
Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo
Typ zablokování: Quiesce
Error: (02/20/2021 08:56:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/13/2021 11:56:45 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/06/2021 10:49:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/30/2021 11:40:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/28/2021 09:46:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x72ea82b2
ID chybujícího procesu: 0x3788
Čas spuštění chybující aplikace: 0x01d6f5b4e1335554
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 41c93429-eacf-4e7d-8443-f534b75f7e34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/27/2021 07:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wlidsvc, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a3808
ID chybujícího procesu: 0x2ba8
Čas spuštění chybující aplikace: 0x01d6f4dbef3f5510
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 36d77af5-b971-45f7-90e6-553adfb8fcfc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/26/2021 04:06:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Avast Antivirus se po přijetí pokynu pro vypnutí neukončila správně.
Error: (02/26/2021 04:05:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/26/2021 04:05:51 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (02/25/2021 08:32:12 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/19/2021 09:50:43 AM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/18/2021 09:38:40 PM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/18/2021 10:30:41 AM) (Source: DCOM) (EventID: 10010) (User: Lukas-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/18/2021 10:18:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
CodeIntegrity:
===============
Date: 2021-02-26 16:10:51
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2021-02-26 16:10:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F5 07/08/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-D3H
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8086.3 MB
Available physical RAM: 5032.85 MB
Total Virtual: 16278.3 MB
Available Virtual: 12864.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.04 GB) (Free:23.03 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.01 GB) (Free:31.47 GB) NTFS
\\?\Volume{775da8d1-1d33-40a3-9311-64cd6750f883}\ () (Fixed) (Total:0.53 GB) (Free:0.1 GB) NTFS
\\?\Volume{e1993c7f-eadb-4d58-81eb-bf35dc8637ba}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 96FF0385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118238
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-26-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Facemoods Search
Deleted Search the web (Babylon)
Deleted http://search.babylon.com/?affID=112555 ... ec3888e107
Deleted http://search.babylon.com/?affID=112555 ... ec3888e107
Deleted http://start.facemoods.com/?a=ddrnw
Not Deleted Search the web (Babylon)
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3612 octets] - [26/02/2021 16:34:13]
AdwCleaner[S01].txt - [3673 octets] - [26/02/2021 16:35:20]
AdwCleaner[C01].txt - [3388 octets] - [26/02/2021 16:36:28]
AdwCleaner[S02].txt - [2064 octets] - [26/02/2021 16:37:33]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-26-2021
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted Facemoods Search
Deleted Search the web (Babylon)
Deleted http://search.babylon.com/?affID=112555 ... ec3888e107
Deleted http://search.babylon.com/?affID=112555 ... ec3888e107
Deleted http://start.facemoods.com/?a=ddrnw
Not Deleted Search the web (Babylon)
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3612 octets] - [26/02/2021 16:34:13]
AdwCleaner[S01].txt - [3673 octets] - [26/02/2021 16:35:20]
AdwCleaner[C01].txt - [3388 octets] - [26/02/2021 16:36:28]
AdwCleaner[S02].txt - [2064 octets] - [26/02/2021 16:37:33]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118238
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Lukas (administrator) on LUKAS-PC (Gigabyte Technology Co., Ltd. H81M-D3H) (26-02-2021 17:53:32)
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [Discord] => C:\Users\Lukas\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\HP LaserJet P1006 Language Monitor: C:\Windows\system32\HP1006LM.DLL [403968 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\Installer\chrmstp.exe [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05CE2B1D-4CA1-40F1-BE2E-0AF3519236D3} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {12BE066F-3BA9-4BF1-8B18-DD719BACABC0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1368500D-8B19-432A-8019-36D9320B21EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {1F5362A4-8371-44F8-AFD6-9BECA64FC2EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {256A0FA2-32AC-4DA2-8560-C75B130C796F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {279C8BE9-7188-4CD9-A715-B0EA8815669C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28213E32-DFD5-4863-9260-456DBE138981} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3018344C-C562-4440-8011-AC90C367E2F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31C6A98D-D996-40A7-90CD-76E243AEE9B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {383F93E8-D9EE-43BC-AC15-E46822051BFB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40021C5E-1DA8-4509-A2C3-739A54C1A34E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {40DE1DAF-42B2-42C1-B695-D113F9EBB8EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {40F2D3DE-BF50-48A4-9A3E-DA749549AD5C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45418CD5-31D8-4BF2-8A4D-C250F58D6354} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A93DDDE-5185-4BC5-8E63-1902D9333EA0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {50F0465A-3531-47E8-90EE-03031944ECEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {54523AA1-B933-435A-8BA3-252B0C1DCE16} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60611B09-06CD-49F9-832D-FD17EC7C8A88} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {65387174-644C-4230-974C-0F526C22E7AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {653D566F-3399-400B-B413-5C4C85713B4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6585C4E3-5626-487E-9445-28CAE05091B1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69D21B5D-836A-4B25-A4D0-FBECFC08629A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6D203447-CE1A-46C1-83AA-20E07DE94764} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {73681010-AB11-4F29-831C-80310566C9D4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7437CD26-DE57-48D7-8230-F73384F750CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {77CA03A1-A407-422C-AF46-C28095940FD1} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7998CCAC-DB20-4454-984B-D33772809E55} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7AD217A0-EF1B-40CE-B8CA-1C435A279BC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C91B1FD-6B36-43CF-A983-A99D0F7274DD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {84814F73-9C30-4539-9495-4ED3D2E5D4C9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85BF30FB-C4C0-497B-A8D6-B1815E95543F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D8F8D8-DC7C-4EC0-9AC1-6A44FA05EAC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {898C7DF5-B7EC-45D2-A485-4737ADC28793} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {92AD968A-97CA-4BA0-8D72-27FFFADE6E41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {93BE425F-F957-47A1-8A23-298A95A580EE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {93EE2C40-F5E8-4475-A3D9-F8A5568BDBCF} - System32\Tasks\vypnutí PC => C:\Windows\System32\Shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {961D7EF2-6EF1-438C-AACA-13EF19E51B04} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {96F4DCDE-2D23-47EA-96EC-E2C3407FF5D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A1ECFBE8-CF2D-4AF0-869B-B445B0BEAD21} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A728FA1C-009B-4A50-BEA6-EE44AABAB25B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7DF6CDB-D1B2-47B4-B561-B47D45F1E725} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB797031-2B1E-4A89-8BFF-61E8D6D7AF2E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-10] (Adobe Inc. -> Adobe)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {C69DD1B6-E128-47D2-A1C3-EDB50737FB0B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7DD3BB9-D0C2-4B17-8BAB-5B5CD99C3CE2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB0EDB87-11A8-4CCD-8BF4-0BEDAA62043A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CDF94340-F01C-4E81-ACE4-A50F49BDBB85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {D23F6C49-19F0-48CA-B81E-756EF5C39816} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D6710684-D3A4-4E70-9553-13F93C18FDC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE32B89D-77B7-4640-A7AC-FDDD91436FB5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF9B86DB-13FD-4811-8976-A30F54CECF76} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {E8C20F06-C8BF-416C-BFF4-53E12F099CE9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8EEFC0E-6466-4364-9BA4-3709CC6D1364} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE8BC8AF-C089-4CD2-ABCB-65A92899130E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6eb17d81-3f3b-441e-8645-a94c2aebdc34}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BA5FFC89-EFF1-48C9-B27F-3182ECAC2349}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c32a0f60-2d9d-4c0d-a98d-917a99d86f8f}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lukas\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-10]
FireFox:
========
FF DefaultProfile: d6l8lr9m.default
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\d6l8lr9m.default [2021-02-26]
FF Session Restore: Mozilla\Firefox\Profiles\d6l8lr9m.default -> is enabled.
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2021-02-26]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.4camping.cz; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (James White) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-04-24]
CHR Extension: (Dota 2 Stream Browser) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip [2020-05-12]
CHR Extension: (Tampermonkey) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-24]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (sFTP Client) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jajcoljhdglkjpfefjkgiohbhnkkmipm [2020-04-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\elevation_service.exe [1456376 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [254528 2017-01-28] (DT Soft Ltd -> DT Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:33 - 2021-02-26 16:36 - 000000000 ____D C:\AdwCleaner
2021-02-26 16:32 - 2021-02-26 16:32 - 008463216 _____ (Malwarebytes) C:\Users\Lukas\Desktop\adwcleaner_8.1.exe
2021-02-26 16:10 - 2021-02-26 17:53 - 000027757 _____ C:\Users\Lukas\Desktop\FRST.txt
2021-02-26 16:07 - 2021-02-26 16:07 - 002301440 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2021-02-26 15:57 - 2021-02-26 17:53 - 000000000 ____D C:\FRST
2021-02-24 17:43 - 2021-02-24 17:43 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-24 17:43 - 2021-02-24 17:43 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-18 09:55 - 2021-02-18 09:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-16 08:02 - 2021-02-26 16:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:06 - 2021-02-13 13:26 - 000000000 ____D C:\Users\Lukas\Documents\Path of Building
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\Desktop\Path of Building Community.lnk
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Path of Building Community.lnk
2021-02-12 08:55 - 2021-02-12 09:28 - 000554736 _____ C:\Users\Lukas\Desktop\A210113_VEN_004_DANE_2020_VELKY1.XLSX
2021-02-10 18:49 - 2021-02-10 18:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 18:48 - 2021-02-10 18:48 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 18:48 - 2021-02-10 18:48 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 16:18 - 2021-02-10 16:18 - 000209338 _____ C:\Users\Lukas\Desktop\Vypis_poplatku_z_uctu_0-1753509033_z_2020.pdf
2021-02-10 16:17 - 2021-02-10 16:17 - 000120914 _____ C:\Users\Lukas\Desktop\Vypis_z_uctu_0-1753509033_z_20210131.pdf
2021-01-30 09:20 - 2021-01-30 09:20 - 000059966 _____ C:\Users\Lukas\Desktop\EDAZ-1TP9648_20210130_10ca7a72-20fb-419a-9bec-cbfc51c76116.pdf
2021-01-29 13:03 - 2021-01-29 13:04 - 072548880 _____ C:\Users\Lukas\Desktop\torbrowser-install-win64-10.0.9_en-US.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-26 16:37 - 2015-12-23 10:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-26 16:33 - 2020-10-17 10:51 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a3a4df2170fc
2021-02-26 16:33 - 2020-10-16 11:15 - 000003828 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-02-26 16:33 - 2020-10-16 11:15 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-26 16:33 - 2020-10-16 11:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 16:33 - 2020-10-16 11:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 16:33 - 2020-10-16 11:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-26 16:33 - 2020-10-16 11:15 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-26 16:33 - 2020-10-16 11:15 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-26 16:33 - 2020-10-16 11:15 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-26 16:33 - 2020-10-16 11:15 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1673955461-2077084812-692843474-1000
2021-02-26 16:33 - 2020-10-16 11:15 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002298 _____ C:\WINDOWS\system32\Tasks\vypnutí PC
2021-02-26 16:33 - 2020-10-16 11:15 - 000002290 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-26 16:33 - 2020-10-16 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-26 16:13 - 2020-10-16 11:17 - 001796828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 16:13 - 2019-12-07 15:41 - 000750852 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-26 16:13 - 2019-12-07 15:41 - 000162426 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-26 16:13 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-26 16:08 - 2015-12-23 10:19 - 000000000 ____D C:\Program Files\CCleaner
2021-02-26 16:07 - 2015-12-22 10:01 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-26 16:06 - 2020-10-16 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 16:06 - 2020-02-16 15:17 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-26 16:06 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-02-26 16:06 - 2017-06-16 09:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 16:06 - 2015-12-23 10:30 - 000000000 __SHD C:\Users\Lukas\IntelGraphicsProfiles
2021-02-26 16:06 - 2015-12-21 22:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-26 15:53 - 2017-06-16 09:33 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Mozilla
2021-02-26 14:10 - 2015-12-21 22:00 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 14:05 - 2019-06-11 08:51 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-25 20:23 - 2018-04-05 07:02 - 000000000 ____D C:\Users\Lukas\AppData\Local\AVAST Software
2021-02-25 19:58 - 2018-09-21 12:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-25 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-24 18:55 - 2020-10-16 11:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-24 17:43 - 2020-10-17 10:55 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 17:43 - 2020-10-16 11:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 17:43 - 2020-04-08 07:29 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 17:43 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-24 17:43 - 2019-01-14 15:57 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 17:43 - 2018-10-21 18:27 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 17:43 - 2017-11-17 12:23 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-23 13:56 - 2020-10-04 07:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-23 13:54 - 2018-04-05 07:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-19 22:57 - 2015-12-22 11:05 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2021-02-19 08:50 - 2020-06-06 07:12 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-18 09:55 - 2017-06-16 09:33 - 000001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-15 14:41 - 2020-03-19 09:49 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\.minecraft
2021-02-15 13:36 - 2020-12-26 20:22 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-12 08:31 - 2019-08-30 04:23 - 000002535 _____ C:\Users\Lukas\Desktop\Avast Secure Browser.lnk
2021-02-10 20:24 - 2020-10-16 11:06 - 000341800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 20:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 18:43 - 2020-02-08 15:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 18:41 - 2020-02-08 15:14 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 15:54 - 2020-10-16 11:09 - 000002399 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 15:54 - 2020-02-08 14:41 - 000000000 ___RD C:\Users\Lukas\OneDrive
2021-02-05 20:04 - 2020-10-04 07:43 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-10-04 07:43 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-05 11:14 - 2020-10-17 16:52 - 000000000 ____D C:\Users\Lukas\Desktop\Luky
2021-02-03 10:15 - 2020-11-02 18:51 - 000000000 ____D C:\Users\Lukas\Desktop\Odpory
2021-01-29 12:52 - 2020-02-08 14:39 - 000000000 ____D C:\Users\Lukas\AppData\Local\Packages
2021-01-28 21:48 - 2020-10-16 11:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 21:46 - 2018-02-02 21:00 - 000000000 ____D C:\Users\Lukas\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-18 15:19 - 2020-03-21 12:45 - 000007614 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Lukas (26-02-2021 17:54:40)
Running from C:\Users\Lukas\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-16 10:15:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1673955461-2077084812-692843474-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1673955461-2077084812-692843474-503 - Limited - Disabled)
Guest (S-1-5-21-1673955461-2077084812-692843474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1673955461-2077084812-692843474-1002 - Limited - Enabled)
Lukas (S-1-5-21-1673955461-2077084812-692843474-1000 - Administrator - Enabled) => C:\Users\Lukas
WDAGUtilityAccount (S-1-5-21-1673955461-2077084812-692843474-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACD/Labs 2020 Freeware in C:\Program Files\ACD64FREE\ (HKLM\...\ACDLabs in C__Program_Files_ACD64FREE_) (Version: v14.00, FREE - ACD/Labs)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.1.8016.150 - Autoři prohlížeče Avast Secure Browser)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Discord (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Discord) (Version: 0.0.308 - Discord Inc.)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Název společnosti:)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LibreOffice 5.0.4.2 (HKLM-x32\...\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}) (Version: 5.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
Path of Building Community (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Path of Building Community) (Version: 1.4.170.26 - Path of Building Community)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.10.0.15618 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{c0dabb4b-9e10-40cf-b8b3-c93a91f40a7a}) (Version: 3.10.0.15618 - Grinding Gear Games)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\sFTP Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jajcoljhdglkjpfefjkgiohbhnkkmipm
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123simsen.com -> www.123simsen.com
There are 7940 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-02-20 05:18 - 000454582 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15603 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\Control Panel\Desktop\\Wallpaper -> d:\obrázky\plocha\tapety\cerna 180.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{58A7F77E-85CA-4258-B460-A4CFEE062CAC}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{E1D5040C-ACDE-41B6-83CA-27C39CCA7560}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{D3D77237-4B96-42DB-90AD-550447579D8E}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{A844AD94-086F-4148-87E9-32224F1E3EFD}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{B86D357C-0CBB-47C0-8392-0A2A17B9C899}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6ABE639D-BF6F-41F4-BD3F-BBD71FCE07B4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
FirewallRules: [UDP Query User{93AC18C4-792E-4058-B774-A16A9B0E937A}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{258FEDA5-CDEA-42BB-B507-CE5D5E4221D1}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{163A98BC-20B3-4F91-8A02-4200CD9780AF}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{6EB69322-DCF5-413F-81F8-9E1FF7C7261B}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FDD6575A-8620-4988-B355-E11498702844}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{221382F6-8489-4F6D-95D7-CDB7C552FC87}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{3304E220-578F-49A5-945E-A8638566190B}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C338FBF3-7159-43B8-A960-40955FE8FCCF}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C5A9ABCA-4AA6-4147-B237-86C36B0D1721}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF724FCD-26FE-4133-A3D3-0A5DB4C2C51D}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5FD744D7-E4E4-41B4-9F2E-0D31A42D8C6D}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4A17CB4E-B674-449E-910B-B4F44720D75E}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C61C61FB-D4B7-434D-969E-94CC9C948065}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{513105E1-E25A-46CC-9CBA-0149F8DCF757}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{95E64304-5FC4-4AC6-B200-CEA223A8FCC4}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{433D1776-D2F1-4699-BDAA-B91B2BCC4C97}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B6D468E-33E5-4DAD-BA02-2C09359F9363}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{1150FA98-0C58-4691-9B70-8C35BDDF5C75}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{1DA98DC0-E605-4B2D-92ED-5A2111774818}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C3A85FD-2A16-47D1-9586-62053E926F9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{592C5AE5-6B91-447C-B373-E98614D3C8D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E8CCECC-C2F7-407F-BC0A-FF199BFAE45F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FA8C5C3-63E9-4704-9F86-23A5CEBC5AF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3CBD7BD-7B83-4406-8BD2-1494B0D186F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{046FFD4D-5EEA-442B-9A31-3997375B3DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A71A7F2-7E46-49A9-8B55-992D76405317}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E32D770C-4A27-407E-8630-8321FDF72EA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7D9A464-861F-4356-BCED-17BF6FB13929}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{519EF54A-44E2-4282-9BFE-CA920D2F76DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EFC1A75-C2D8-4CA0-951E-5488AA17E723}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9458C19-90A2-4EF7-B6E1-FF4D20B1B8F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CC2835E-A615-47B5-9E33-540C41DA4185}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16052CE1-EE02-42DD-83EC-465E28237574}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{484506CB-026D-4218-971A-F9F5CB877C4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:111.04 GB) (Free:24.71 GB) (22%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/26/2021 04:06:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/20/2021 09:17:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.20112.1011.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 32f8
Čas spuštění: 01d707c5510e01a2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe
ID hlášení: ae256754-dbbd-46d9-bf90-d65fbbc3bf3f
Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo
Typ zablokování: Quiesce
Error: (02/20/2021 08:56:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/13/2021 11:56:45 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/06/2021 10:49:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/30/2021 11:40:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/28/2021 09:46:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x72ea82b2
ID chybujícího procesu: 0x3788
Čas spuštění chybující aplikace: 0x01d6f5b4e1335554
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 41c93429-eacf-4e7d-8443-f534b75f7e34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/27/2021 07:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wlidsvc, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a3808
ID chybujícího procesu: 0x2ba8
Čas spuštění chybující aplikace: 0x01d6f4dbef3f5510
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 36d77af5-b971-45f7-90e6-553adfb8fcfc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Security Center Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.
CodeIntegrity:
===============
Date: 2021-02-26 17:53:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F5 07/08/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-D3H
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8086.3 MB
Available physical RAM: 5220.04 MB
Total Virtual: 16278.3 MB
Available Virtual: 12793.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.04 GB) (Free:24.71 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.01 GB) (Free:31.47 GB) NTFS
\\?\Volume{775da8d1-1d33-40a3-9311-64cd6750f883}\ () (Fixed) (Total:0.53 GB) (Free:0.1 GB) NTFS
\\?\Volume{e1993c7f-eadb-4d58-81eb-bf35dc8637ba}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 96FF0385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by Lukas (administrator) on LUKAS-PC (Gigabyte Technology Co., Ltd. H81M-D3H) (26-02-2021 17:53:32)
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365160 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Run: [Discord] => C:\Users\Lukas\AppData\Local\Discord\app-0.0.308\Discord.exe [91023672 2020-09-10] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\...\Windows x64\Print Processors\HP1006S: C:\Windows\System32\spool\prtprocs\x64\HP1006S.DLL [373760 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\HP LaserJet P1006 Language Monitor: C:\Windows\system32\HP1006LM.DLL [403968 2010-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\Installer\chrmstp.exe [2021-02-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-26] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7844.104\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {05CE2B1D-4CA1-40F1-BE2E-0AF3519236D3} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {12BE066F-3BA9-4BF1-8B18-DD719BACABC0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1368500D-8B19-432A-8019-36D9320B21EA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {1F5362A4-8371-44F8-AFD6-9BECA64FC2EF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {256A0FA2-32AC-4DA2-8560-C75B130C796F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {279C8BE9-7188-4CD9-A715-B0EA8815669C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28213E32-DFD5-4863-9260-456DBE138981} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3018344C-C562-4440-8011-AC90C367E2F2} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31C6A98D-D996-40A7-90CD-76E243AEE9B0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {383F93E8-D9EE-43BC-AC15-E46822051BFB} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {40021C5E-1DA8-4509-A2C3-739A54C1A34E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {40DE1DAF-42B2-42C1-B695-D113F9EBB8EB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {40F2D3DE-BF50-48A4-9A3E-DA749549AD5C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45418CD5-31D8-4BF2-8A4D-C250F58D6354} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4A93DDDE-5185-4BC5-8E63-1902D9333EA0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {50F0465A-3531-47E8-90EE-03031944ECEA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {54523AA1-B933-435A-8BA3-252B0C1DCE16} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {60611B09-06CD-49F9-832D-FD17EC7C8A88} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {65387174-644C-4230-974C-0F526C22E7AA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {653D566F-3399-400B-B413-5C4C85713B4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6585C4E3-5626-487E-9445-28CAE05091B1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {69D21B5D-836A-4B25-A4D0-FBECFC08629A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6D203447-CE1A-46C1-83AA-20E07DE94764} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {73681010-AB11-4F29-831C-80310566C9D4} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7437CD26-DE57-48D7-8230-F73384F750CA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {77CA03A1-A407-422C-AF46-C28095940FD1} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7998CCAC-DB20-4454-984B-D33772809E55} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7AD217A0-EF1B-40CE-B8CA-1C435A279BC7} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C91B1FD-6B36-43CF-A983-A99D0F7274DD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2199624 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
Task: {84814F73-9C30-4539-9495-4ED3D2E5D4C9} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85BF30FB-C4C0-497B-A8D6-B1815E95543F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D8F8D8-DC7C-4EC0-9AC1-6A44FA05EAC1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {898C7DF5-B7EC-45D2-A485-4737ADC28793} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {92AD968A-97CA-4BA0-8D72-27FFFADE6E41} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {93BE425F-F957-47A1-8A23-298A95A580EE} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {93EE2C40-F5E8-4475-A3D9-F8A5568BDBCF} - System32\Tasks\vypnutí PC => C:\Windows\System32\Shutdown.exe [28160 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {961D7EF2-6EF1-438C-AACA-13EF19E51B04} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {96F4DCDE-2D23-47EA-96EC-E2C3407FF5D5} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {A1ECFBE8-CF2D-4AF0-869B-B445B0BEAD21} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A728FA1C-009B-4A50-BEA6-EE44AABAB25B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A7DF6CDB-D1B2-47B4-B561-B47D45F1E725} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB797031-2B1E-4A89-8BFF-61E8D6D7AF2E} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-10] (Adobe Inc. -> Adobe)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {C69DD1B6-E128-47D2-A1C3-EDB50737FB0B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7DD3BB9-D0C2-4B17-8BAB-5B5CD99C3CE2} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CB0EDB87-11A8-4CCD-8BF4-0BEDAA62043A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {CDF94340-F01C-4E81-ACE4-A50F49BDBB85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {D23F6C49-19F0-48CA-B81E-756EF5C39816} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D6710684-D3A4-4E70-9553-13F93C18FDC7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE32B89D-77B7-4640-A7AC-FDDD91436FB5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DF9B86DB-13FD-4811-8976-A30F54CECF76} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {E8C20F06-C8BF-416C-BFF4-53E12F099CE9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8EEFC0E-6466-4364-9BA4-3709CC6D1364} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE8BC8AF-C089-4CD2-ABCB-65A92899130E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6eb17d81-3f3b-441e-8645-a94c2aebdc34}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{BA5FFC89-EFF1-48C9-B27F-3182ECAC2349}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{c32a0f60-2d9d-4c0d-a98d-917a99d86f8f}: [DhcpNameServer] 192.168.42.129
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lukas\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-10]
FireFox:
========
FF DefaultProfile: d6l8lr9m.default
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\d6l8lr9m.default [2021-02-26]
FF Session Restore: Mozilla\Firefox\Profiles\d6l8lr9m.default -> is enabled.
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2021-02-26]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.4camping.cz; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://www.google.co ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (James White) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-04-24]
CHR Extension: (Dota 2 Stream Browser) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhfhjlfbaehncgjfnleejhehimhleip [2020-05-12]
CHR Extension: (Tampermonkey) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-10-24]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-25]
CHR Extension: (sFTP Client) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jajcoljhdglkjpfefjkgiohbhnkkmipm [2020-04-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\88.1.8016.150\elevation_service.exe [1456376 2021-02-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56904 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4506728 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-24] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [254528 2017-01-28] (DT Soft Ltd -> DT Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-24] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:33 - 2021-02-26 16:36 - 000000000 ____D C:\AdwCleaner
2021-02-26 16:32 - 2021-02-26 16:32 - 008463216 _____ (Malwarebytes) C:\Users\Lukas\Desktop\adwcleaner_8.1.exe
2021-02-26 16:10 - 2021-02-26 17:53 - 000027757 _____ C:\Users\Lukas\Desktop\FRST.txt
2021-02-26 16:07 - 2021-02-26 16:07 - 002301440 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2021-02-26 15:57 - 2021-02-26 17:53 - 000000000 ____D C:\FRST
2021-02-24 17:43 - 2021-02-24 17:43 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-24 17:43 - 2021-02-24 17:43 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-18 09:55 - 2021-02-18 09:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-16 08:02 - 2021-02-26 16:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-13 13:06 - 2021-02-13 13:26 - 000000000 ____D C:\Users\Lukas\Documents\Path of Building
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\Desktop\Path of Building Community.lnk
2021-02-13 13:04 - 2021-02-13 13:04 - 000000980 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Path of Building Community.lnk
2021-02-12 08:55 - 2021-02-12 09:28 - 000554736 _____ C:\Users\Lukas\Desktop\A210113_VEN_004_DANE_2020_VELKY1.XLSX
2021-02-10 18:49 - 2021-02-10 18:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-10 18:48 - 2021-02-10 18:48 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-10 18:48 - 2021-02-10 18:48 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-10 18:48 - 2021-02-10 18:48 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-10 16:18 - 2021-02-10 16:18 - 000209338 _____ C:\Users\Lukas\Desktop\Vypis_poplatku_z_uctu_0-1753509033_z_2020.pdf
2021-02-10 16:17 - 2021-02-10 16:17 - 000120914 _____ C:\Users\Lukas\Desktop\Vypis_z_uctu_0-1753509033_z_20210131.pdf
2021-01-30 09:20 - 2021-01-30 09:20 - 000059966 _____ C:\Users\Lukas\Desktop\EDAZ-1TP9648_20210130_10ca7a72-20fb-419a-9bec-cbfc51c76116.pdf
2021-01-29 13:03 - 2021-01-29 13:04 - 072548880 _____ C:\Users\Lukas\Desktop\torbrowser-install-win64-10.0.9_en-US.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-26 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-26 16:37 - 2015-12-23 10:29 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-26 16:33 - 2020-10-17 10:51 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a3a4df2170fc
2021-02-26 16:33 - 2020-10-16 11:15 - 000003828 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-02-26 16:33 - 2020-10-16 11:15 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-02-26 16:33 - 2020-10-16 11:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 16:33 - 2020-10-16 11:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-26 16:33 - 2020-10-16 11:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-26 16:33 - 2020-10-16 11:15 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-26 16:33 - 2020-10-16 11:15 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-26 16:33 - 2020-10-16 11:15 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-26 16:33 - 2020-10-16 11:15 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002948 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1673955461-2077084812-692843474-1000
2021-02-26 16:33 - 2020-10-16 11:15 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-02-26 16:33 - 2020-10-16 11:15 - 000002298 _____ C:\WINDOWS\system32\Tasks\vypnutí PC
2021-02-26 16:33 - 2020-10-16 11:15 - 000002290 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-26 16:33 - 2020-10-16 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-26 16:13 - 2020-10-16 11:17 - 001796828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-26 16:13 - 2019-12-07 15:41 - 000750852 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-26 16:13 - 2019-12-07 15:41 - 000162426 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-26 16:13 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-26 16:08 - 2015-12-23 10:19 - 000000000 ____D C:\Program Files\CCleaner
2021-02-26 16:07 - 2015-12-22 10:01 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-26 16:06 - 2020-10-16 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-26 16:06 - 2020-02-16 15:17 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2021-02-26 16:06 - 2019-12-07 10:03 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2021-02-26 16:06 - 2017-06-16 09:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-26 16:06 - 2015-12-23 10:30 - 000000000 __SHD C:\Users\Lukas\IntelGraphicsProfiles
2021-02-26 16:06 - 2015-12-21 22:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-02-26 15:53 - 2017-06-16 09:33 - 000000000 ____D C:\Users\Lukas\AppData\LocalLow\Mozilla
2021-02-26 14:10 - 2015-12-21 22:00 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-26 14:05 - 2019-06-11 08:51 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-25 20:23 - 2018-04-05 07:02 - 000000000 ____D C:\Users\Lukas\AppData\Local\AVAST Software
2021-02-25 19:58 - 2018-09-21 12:01 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-25 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-24 18:55 - 2020-10-16 11:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-24 17:43 - 2020-10-17 10:55 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 17:43 - 2020-10-16 11:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 17:43 - 2020-04-08 07:29 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 17:43 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-24 17:43 - 2019-01-14 15:57 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 17:43 - 2019-01-07 01:18 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 17:43 - 2018-10-21 18:27 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 17:43 - 2017-11-17 12:23 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 17:43 - 2015-12-22 10:02 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-23 17:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-23 13:56 - 2020-10-04 07:43 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-23 13:54 - 2018-04-05 07:03 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-02-19 22:57 - 2015-12-22 11:05 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\vlc
2021-02-19 08:50 - 2020-06-06 07:12 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-18 09:55 - 2017-06-16 09:33 - 000001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-15 14:41 - 2020-03-19 09:49 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\.minecraft
2021-02-15 13:36 - 2020-12-26 20:22 - 000000000 ____D C:\Program Files (x86)\Minecraft Launcher
2021-02-12 08:31 - 2019-08-30 04:23 - 000002535 _____ C:\Users\Lukas\Desktop\Avast Secure Browser.lnk
2021-02-10 20:24 - 2020-10-16 11:06 - 000341800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-10 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 20:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-10 18:43 - 2020-02-08 15:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 18:41 - 2020-02-08 15:14 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-08 15:54 - 2020-10-16 11:09 - 000002399 _____ C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-08 15:54 - 2020-02-08 14:41 - 000000000 ___RD C:\Users\Lukas\OneDrive
2021-02-05 20:04 - 2020-10-04 07:43 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-10-04 07:43 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-05 11:14 - 2020-10-17 16:52 - 000000000 ____D C:\Users\Lukas\Desktop\Luky
2021-02-03 10:15 - 2020-11-02 18:51 - 000000000 ____D C:\Users\Lukas\Desktop\Odpory
2021-01-29 12:52 - 2020-02-08 14:39 - 000000000 ____D C:\Users\Lukas\AppData\Local\Packages
2021-01-28 21:48 - 2020-10-16 11:06 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-28 21:46 - 2018-02-02 21:00 - 000000000 ____D C:\Users\Lukas\AppData\Local\CrashDumps
==================== Files in the root of some directories ========
2020-03-18 15:19 - 2020-03-21 12:45 - 000007614 _____ () C:\Users\Lukas\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Lukas (26-02-2021 17:54:40)
Running from C:\Users\Lukas\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-16 10:15:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1673955461-2077084812-692843474-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1673955461-2077084812-692843474-503 - Limited - Disabled)
Guest (S-1-5-21-1673955461-2077084812-692843474-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1673955461-2077084812-692843474-1002 - Limited - Enabled)
Lukas (S-1-5-21-1673955461-2077084812-692843474-1000 - Administrator - Enabled) => C:\Users\Lukas
WDAGUtilityAccount (S-1-5-21-1673955461-2077084812-692843474-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACD/Labs 2020 Freeware in C:\Program Files\ACD64FREE\ (HKLM\...\ACDLabs in C__Program_Files_ACD64FREE_) (Version: v14.00, FREE - ACD/Labs)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 88.1.8016.150 - Autoři prohlížeče Avast Secure Browser)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.74.1085 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Discord (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Discord) (Version: 0.0.308 - Discord Inc.)
Gameforge Live 2.0.13 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version: - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Název společnosti:)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LibreOffice 5.0.4.2 (HKLM-x32\...\{14B5DDCF-61C4-4F1E-A621-844685D60B5A}) (Version: 5.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft OneDrive (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 85.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 85.0.2 (x64 cs)) (Version: 85.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Ovládací panel NVIDIA 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 456.71 - NVIDIA Corporation) Hidden
Path of Building Community (HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\Path of Building Community) (Version: 1.4.170.26 - Path of Building Community)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.10.0.15618 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{c0dabb4b-9e10-40cf-b8b3-c93a91f40a7a}) (Version: 3.10.0.15618 - Grinding Gear Games)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0 [2021-02-20] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4-x32: [miranda.shlext] -> {72013A26-A94C-11d6-8540-A5E62932711D} => D:\Programy\Miranda IM\Plugins\shlext.dll [2011-02-27] () [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\sFTP Client.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jajcoljhdglkjpfefjkgiohbhnkkmipm
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2020-03-19] (Oracle America, Inc. -> Oracle Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\123simsen.com -> www.123simsen.com
There are 7940 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-02-20 05:18 - 000454582 ____R C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
There are 15603 more lines.
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\Control Panel\Desktop\\Wallpaper -> d:\obrázky\plocha\tapety\cerna 180.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_2E05910479705D7B59776D699BE700F4"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{58A7F77E-85CA-4258-B460-A4CFEE062CAC}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{E1D5040C-ACDE-41B6-83CA-27C39CCA7560}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{D3D77237-4B96-42DB-90AD-550447579D8E}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [TCP Query User{A844AD94-086F-4148-87E9-32224F1E3EFD}D:\programy\winamp\winamp.exe] => (Allow) D:\programy\winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{B86D357C-0CBB-47C0-8392-0A2A17B9C899}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6ABE639D-BF6F-41F4-BD3F-BBD71FCE07B4}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
FirewallRules: [UDP Query User{93AC18C4-792E-4058-B774-A16A9B0E937A}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{258FEDA5-CDEA-42BB-B507-CE5D5E4221D1}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{163A98BC-20B3-4F91-8A02-4200CD9780AF}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{6EB69322-DCF5-413F-81F8-9E1FF7C7261B}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{FDD6575A-8620-4988-B355-E11498702844}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{221382F6-8489-4F6D-95D7-CDB7C552FC87}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE (Microsoft Windows Hardware Compatibility Publisher -> Software 2000 Limited)
FirewallRules: [{3304E220-578F-49A5-945E-A8638566190B}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C338FBF3-7159-43B8-A960-40955FE8FCCF}] => (Allow) D:\Hry\Steam\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{C5A9ABCA-4AA6-4147-B237-86C36B0D1721}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{DF724FCD-26FE-4133-A3D3-0A5DB4C2C51D}] => (Allow) D:\Hry\Steam\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{5FD744D7-E4E4-41B4-9F2E-0D31A42D8C6D}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{4A17CB4E-B674-449E-910B-B4F44720D75E}D:\hry\steam\steam\steam.exe] => (Allow) D:\hry\steam\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{C61C61FB-D4B7-434D-969E-94CC9C948065}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{513105E1-E25A-46CC-9CBA-0149F8DCF757}D:\programy\utorrent\utorrent.exe] => (Allow) D:\programy\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{95E64304-5FC4-4AC6-B200-CEA223A8FCC4}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{433D1776-D2F1-4699-BDAA-B91B2BCC4C97}C:\program files (x86)\avast software\browser\application\avastbrowser.exe] => (Allow) C:\program files (x86)\avast software\browser\application\avastbrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B6D468E-33E5-4DAD-BA02-2C09359F9363}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [UDP Query User{1150FA98-0C58-4691-9B70-8C35BDDF5C75}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{1DA98DC0-E605-4B2D-92ED-5A2111774818}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0C3A85FD-2A16-47D1-9586-62053E926F9F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{592C5AE5-6B91-447C-B373-E98614D3C8D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E8CCECC-C2F7-407F-BC0A-FF199BFAE45F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2FA8C5C3-63E9-4704-9F86-23A5CEBC5AF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3CBD7BD-7B83-4406-8BD2-1494B0D186F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{046FFD4D-5EEA-442B-9A31-3997375B3DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6A71A7F2-7E46-49A9-8B55-992D76405317}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E32D770C-4A27-407E-8630-8321FDF72EA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7D9A464-861F-4356-BCED-17BF6FB13929}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{519EF54A-44E2-4282-9BFE-CA920D2F76DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4EFC1A75-C2D8-4CA0-951E-5488AA17E723}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9458C19-90A2-4EF7-B6E1-FF4D20B1B8F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4CC2835E-A615-47B5-9E33-540C41DA4185}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{16052CE1-EE02-42DD-83EC-465E28237574}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{484506CB-026D-4218-971A-F9F5CB877C4A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:111.04 GB) (Free:24.71 GB) (22%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/26/2021 04:06:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/20/2021 09:17:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.20112.1011.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 32f8
Čas spuštění: 01d707c5510e01a2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe\Video.UI.exe
ID hlášení: ae256754-dbbd-46d9-bf90-d65fbbc3bf3f
Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.20112.10111.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo
Typ zablokování: Quiesce
Error: (02/20/2021 08:56:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/13/2021 11:56:45 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/06/2021 10:49:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/30/2021 11:40:01 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/28/2021 09:46:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x72ea82b2
ID chybujícího procesu: 0x3788
Čas spuštění chybující aplikace: 0x01d6f5b4e1335554
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 41c93429-eacf-4e7d-8443-f534b75f7e34
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/27/2021 07:40:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_wlidsvc, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.662, časové razítko: 0x27bfa5f0
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000a3808
ID chybujícího procesu: 0x2ba8
Čas spuštění chybující aplikace: 0x01d6f4dbef3f5510
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 36d77af5-b971-45f7-90e6-553adfb8fcfc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Security Center Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Spybot-S&D 2 Updating Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (02/26/2021 04:37:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.
CodeIntegrity:
===============
Date: 2021-02-26 17:53:10
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F5 07/08/2014
Motherboard: Gigabyte Technology Co., Ltd. H81M-D3H
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8086.3 MB
Available physical RAM: 5220.04 MB
Total Virtual: 16278.3 MB
Available Virtual: 12793.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.04 GB) (Free:24.71 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:1863.01 GB) (Free:31.47 GB) NTFS
\\?\Volume{775da8d1-1d33-40a3-9311-64cd6750f883}\ () (Fixed) (Total:0.53 GB) (Free:0.1 GB) NTFS
\\?\Volume{e1993c7f-eadb-4d58-81eb-bf35dc8637ba}\ () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 96FF0385)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118238
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Lukas (26-02-2021 19:07:22) Run:1
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac78779-6a73-11ea-8e10-f2f9e49aaac1} => removed successfully
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{246CA8DF-2CE8-4BDE-ACF8-D09146A574FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{246CA8DF-2CE8-4BDE-ACF8-D09146A574FF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{456CC290-136B-43EE-8897-851D34E671FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{456CC290-136B-43EE-8897-851D34E671FB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\DumpStack.log.tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 143743448 B
Java, Flash, Steam htmlcache => 153443078 B
Windows/system/drivers => 1431542 B
Edge => 44557 B
Chrome => 531185051 B
Firefox => 760890373 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 26630 B
NetworkService => 26630 B
Lukas => 2451181 B
RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:08:01 ====
Ran by Lukas (26-02-2021 19:07:22) Run:1
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac78779-6a73-11ea-8e10-f2f9e49aaac1} - "F:\SETUP.EXE"
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\...\MountPoints2: {5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} - "G:\SETUP.EXE"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {246CA8DF-2CE8-4BDE-ACF8-D09146A574FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
Task: {456CC290-136B-43EE-8897-851D34E671FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-21] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\DumpStack.log.tmp
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}] => (Allow) D:\Programy\Kill Ping\Kill Ping.exe => No File
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac78779-6a73-11ea-8e10-f2f9e49aaac1} => removed successfully
HKU\S-1-5-21-1673955461-2077084812-692843474-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ac787c0-6a73-11ea-8e10-f2f9e49aaac1} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{246CA8DF-2CE8-4BDE-ACF8-D09146A574FF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{246CA8DF-2CE8-4BDE-ACF8-D09146A574FF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{456CC290-136B-43EE-8897-851D34E671FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{456CC290-136B-43EE-8897-851D34E671FB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\DumpStack.log.tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CA9F4CA-06F8-4C1A-A6C3-A5744BAC145B}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 143743448 B
Java, Flash, Steam htmlcache => 153443078 B
Windows/system/drivers => 1431542 B
Edge => 44557 B
Chrome => 531185051 B
Firefox => 760890373 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 26630 B
NetworkService => 26630 B
Lukas => 2451181 B
RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:08:01 ====
-
Rudy
- Site Admin
- Příspěvky: 118238
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?