
I have a feeling there is something on my computer, most likely malware; logs are in the post

lemonak
Visitor
Posts: 6
Registered: 26 Oct 2021 09:11


#1 Post by lemonak »

Norton often throws this problem at me. Is it something serious?
Kategorie: Ochrana před změnami produktu Norton
Datum a čas,Riziko,Činnost,Stav,Doporučená akce,Datum,Aktér,PID účastníka,Cíl,Cílový PID,Akce
26.10.2021 9:57:03,Střední,Neautorizovaný přístup byl zablokován. (Získat přístup k procesním datům),Blokováno,Není nutná žádná akce.,26.10.2021 9:57:03,C:\PROGRAM FILES\WINDOWSAPPS\MICROSOFT.GAMINGSERVICES_3.58.14001.0_X64__8WEKYB3D8BBWE\GAMINGSERVICES.EXE,6344,C:\Program Files\Norton Security\Engine\22.21.9.25\cltLMH.exe,18612,"Získat přístup k procesním datům, Neautorizovaný přístup byl zablokován."

Here are the logs from FRST Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Draeg (26-10-2021 10:15:59)
Running from E:\Stažené soubory
Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2020-12-24 21:28:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2893592886-4133754699-2489620301-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2893592886-4133754699-2489620301-503 - Limited - Disabled)
Draeg (S-1-5-21-2893592886-4133754699-2489620301-1001 - Administrator - Enabled) => C:\Users\Draeg
Guest (S-1-5-21-2893592886-4133754699-2489620301-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2893592886-4133754699-2489620301-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.12.1 - Advanced Micro Devices, Inc.)
Anaconda3 2021.05 (Python 3.8.8 64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Anaconda3 2021.05 (Python 3.8.8 64-bit)) (Version: 2021.05 - Anaconda, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Cisco Packet Tracer 8.0 64Bit (HKLM\...\Cisco Packet Tracer 8.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
Discord (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.148.5025 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d3e84f4a-a180-492d-985f-40cdbc8681a1}) (Version: 12.0.148.5025 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Honeygain (HKLM-x32\...\{C1922E93-B15E-460D-9C01-53E71109C2C6}) (Version: 0.10.2.0 - Honeygain)
Hotspot Shield 10.22.4 (HKLM-x32\...\{4de134ec-1612-4548-bed4-35bf05f8cfe2}) (Version: 10.22.4.12022 - Pango Inc.)
Hotspot Shield 10.22.4 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925F287F119}) (Version: 10.22.4.12022 - Pango Inc.) Hidden
Hotspot Shield 10.22.4 (HKLM-x32\...\HotspotShield) (Version: 10.22.4 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.61.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.9.25 - NortonLifeLock Inc)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.10 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.91.46291 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.181.0.11 - Overwolf Ltd.)
Porofessor.gg (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.43 - Overwolf app)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.9.6 (64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{178e8fd0-1b1d-4cdf-8e5c-f5f53d25e0e4}) (Version: 3.9.6150.0 - Python Software Foundation)
Python 3.9.6 Core Interpreter (64-bit) (HKLM\...\{C4B7FF79-1195-436F-AA85-28EE995151B7}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Development Libraries (64-bit) (HKLM\...\{D6580352-5B95-49A9-B2F3-313D12D13968}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Documentation (64-bit) (HKLM\...\{2994270E-FE74-49E5-98BB-E65F5F0EC304}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Executables (64-bit) (HKLM\...\{9BE9E7F0-F9F1-487B-A2FC-790CD2898388}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 pip Bootstrap (64-bit) (HKLM\...\{69BCB7EC-54AF-47F2-A891-D335CE44A530}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Standard Library (64-bit) (HKLM\...\{4DD10049-CC97-48AE-BE76-4CB6E3111F7B}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Tcl/Tk Support (64-bit) (HKLM\...\{7C56D977-225C-4EBA-8308-E47DF9FA867F}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Test Suite (64-bit) (HKLM\...\{5C5B7907-C4E8-4E09-8CD6-3E844C7D65E2}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Utility Scripts (64-bit) (HKLM\...\{511119D2-41C4-48E1-A3DA-0A6A1E68AC76}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3CC89AD9-6FF2-40BE-ADF4-8ADDD3030FCE}) (Version: 3.9.7483.0 - Python Software Foundation)
Quest Software Toad Data Modeler Freeware 2.25 (HKLM-x32\...\Quest Software Toad Data Modeler Freeware 2.25_is1) (Version: - Quest Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8773.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vzum (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.38 - Vzum)
Wampserver64 3.2.0 (HKLM\...\{wampserver64}_is1) (Version: 3.2.0 - Dominique Ottello aka Otomatic)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wireshark 3.4.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.3 - The Wireshark developer community, hxxps//www.wireshark.org)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\ZPS X) (Version: 19.2103.2.324 - ZONER software)

Packages:
=========
1938 MG TA Midget -> C:\Program Files\WindowsApps\Microsoft.MGTA38_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1966 Volkswagen Double Cab Pick-Up -> C:\Program Files\WindowsApps\Microsoft.VWDoubleCab61_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1970 Triumph TR6 PI -> C:\Program Files\WindowsApps\Microsoft.TRITR670_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1972 Lamborghini Jarama S -> C:\Program Files\WindowsApps\Microsoft.LAMJarama76_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2017 Ferrari GTC4Lusso -> C:\Program Files\WindowsApps\Microsoft.ERGTC4Lusso_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2018 Chevrolet Camaro ZL1 1LE -> C:\Program Files\WindowsApps\Microsoft.CHECamaro1LE18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2018 Morgan Aero GT -> C:\Program Files\WindowsApps\Microsoft.MORAeroGT19_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2019 Chevrolet Corvette ZR1 -> C:\Program Files\WindowsApps\Microsoft.CHECorvetteZR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation)
Forza Horizon 4 1965 Peel Trident -> C:\Program Files\WindowsApps\Microsoft.PEETrident_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2005 Honda NSX-R GT -> C:\Program Files\WindowsApps\Microsoft.HONNSXRGT_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.474.687.2_x64__8wekyb3d8bbwe [2021-08-30] (Microsoft Studios)
Forza Horizon 4 1929 Mercedes-Benz SSK -> C:\Program Files\WindowsApps\Microsoft.MercedesBenzSSK_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1953 Jaguar C-Type -> C:\Program Files\WindowsApps\Microsoft.JAGCType_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1959 Cadillac Eldorado Biarritz Convertible -> C:\Program Files\WindowsApps\Microsoft.CADElDorado_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1959 Porsche 356A Coupe -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon41959Porsche356ACoupe_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1962 Triumph TR3B -> C:\Program Files\WindowsApps\Microsoft.TriumphTR3B_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1963 Opel Kadett A -> C:\Program Files\WindowsApps\Microsoft.OpelKadettA_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1965 Ford Transit -> C:\Program Files\WindowsApps\Microsoft.FORTransit_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1966 Hillman Imp -> C:\Program Files\WindowsApps\Microsoft.SUNImp_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1968 Ford Mustang GT 2+2 Fastback -> C:\Program Files\WindowsApps\Microsoft.FORMustangGT390_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1974 Honda Civic RS -> C:\Program Files\WindowsApps\Microsoft.HONCivicRS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1977 Hoonigan Ford Gymkhana 10 F-150 -> C:\Program Files\WindowsApps\Microsoft.FordGymkhana_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1985 Porsche #186 959 Paris-Dakar -> C:\Program Files\WindowsApps\Microsoft.Porsche186ParisDakar_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1993 Hoonigan Ford Escort Cosworth Group A -> C:\Program Files\WindowsApps\Microsoft.HooniganFordEscort_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1993 Porsche 968 Turbo S -> C:\Program Files\WindowsApps\Microsoft.POR968TurboS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2002 Mazda RX-7 Spirit R Type-A -> C:\Program Files\WindowsApps\Microsoft.MazdaRX7SpiritR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2003 Honda S2000 -> C:\Program Files\WindowsApps\Microsoft.HondaS2000_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2004 Vauxhall VX220 -> C:\Program Files\WindowsApps\Microsoft.VauxhallVX220_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2005 Ferrari FXX -> C:\Program Files\WindowsApps\Microsoft.FerrariFXX_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2010 Vauxhall Insignia VXR -> C:\Program Files\WindowsApps\Microsoft.VauxhallInsigniaVXR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2012 Lamborghini Gallardo LP570-4 Spyder Performante -> C:\Program Files\WindowsApps\Microsoft.LamborghiniGallardoLP5704_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2014 McLaren 650S Spider -> C:\Program Files\WindowsApps\Microsoft.MCL650SSpider_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2016 Honda Civic Coupe GRC -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42016HondaCivicCoupeGRC_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2017 Koenigsegg Agera RS -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42017KoenigseggAgeraRS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Alfa Romeo Stelvio Quadrifoglio -> C:\Program Files\WindowsApps\Microsoft.AlfaStevio_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Aston Martin Vantage -> C:\Program Files\WindowsApps\Microsoft.ASTVantage18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Can-Am Maverick X3 X RS Turbo R -> C:\Program Files\WindowsApps\Microsoft.CanAmMaverick_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Ford Deberti Design Mustang Fastback -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon2018FordDebertiDesignMustang_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Chevrolet Silverado 1500 DeBerti Design Drift Truck -> C:\Program Files\WindowsApps\Microsoft.CHEDebertiDriftTruck_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Nissan SentraNismo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42018NissanSentraNismo_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 TVR Griffith -> C:\Program Files\WindowsApps\Microsoft.TVRGriffith18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2019 BMW i8 Roadster -> C:\Program Files\WindowsApps\Microsoft.BMWi8Roadster_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2019 Porsche 911 Carrera S -> C:\Program Files\WindowsApps\Microsoft.POR992_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Barrett Jackson Car Pack -> C:\Program Files\WindowsApps\Microsoft.BJCarPack_1.0.1.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Best of Bond Car Pack -> C:\Program Files\WindowsApps\Microsoft.Day1CarPackBits_1.0.5.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> C:\Program Files\WindowsApps\Microsoft.Expansion1_1.225.171.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> C:\Program Files\WindowsApps\Microsoft.Expansion2_1.312.645.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 VIP -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4VIP_1.0.3.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-29] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.4.188.0_x64__dt26b99r8h8gj [2020-12-25] (Realtek Semiconductor Corp)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.105.3872.2_x64__8wekyb3d8bbwe [2021-10-21] (ms-resource:PublisherDisplayName)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0 [2021-10-13] (Spotify AB) [Startup Task]
Telly TV -> C:\Program Files\WindowsApps\4NET.TV.DIGI2GO_1.1.6.0_x64__2epghj4njp6fy [2021-01-23] (4NET.TV)
The Touryst -> C:\Program Files\WindowsApps\Shinen.TheTouryst_1.0.6.0_x64__9y1eezmggh3fe [2021-02-01] (Shin'en)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{04271989-C4D2-4FF5-359E-7F768727B0C6} -> [OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova] => C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova [2020-12-25 00:55]
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2893592886-4133754699-2489620301-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\anaconda\Scripts\activate.bat E:\anaconda

==================== Loaded Modules (Whitelisted) =============

2020-07-27 14:58 - 2020-07-27 14:58 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 002815488 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libcrypto-1_1-x64.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 000678400 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\libssl-1_1-x64.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 001282048 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] E:\origin\LIBEAY32.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 000279040 _____ (The OpenSSL Project, hxxp//www.openssl.org/) [File not signed] E:\origin\ssleay32.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\origin\platforms\qwindows.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Core.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Gui.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Network.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5WebSockets.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Widgets.dll
2021-01-29 20:07 - 2021-01-13 15:18 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Xml.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 14:58 - 2020-07-27 14:58 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-12-04 08:02 - 2020-12-04 08:02 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 000046592 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\bearer\qgenericbearer.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 006270976 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Core.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 001389568 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Network.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 000157184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5WebSockets.dll
2021-10-26 09:53 - 2021-10-26 09:53 - 000210432 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\sharepoint.com -> hxxps://eskola-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2020-12-25 13:14 - 000000039 ____N C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Připojení k místní síti: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Připojení k místní síti: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "electron.app.Honey Miner"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{762E22DE-3C23-45B0-ADDA-AE582D217DA3}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC27C5D5-81BE-4E45-898A-2FD0996D71D7}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3334B8D4-2A96-4403-99D3-B71758C6846C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9C0BC41B-0C8F-44C6-A0F7-2E965ABAEC29}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{760ECFED-30C9-49BD-9630-AAA043E016AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E17CF80-0AA3-4FE8-913A-AE1A4C7EBDB2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84BBAACE-28A3-4ECC-BBE5-15BF34A07BB3}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{50821D0C-0447-48CB-A305-D85745520898}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E17B764B-F9AD-4A05-987C-19EFC6E142DE}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{73C2C48B-808A-4E41-8187-64CA631164F6}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{812E963D-F288-4D0C-A1CA-B183E9049DAD}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A7A89DC4-3D6F-44A1-96DE-FFDE56C92B9A}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{64C85F5C-4424-48D0-B97A-29C6E3031580}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{D29A3B5D-9CDD-41E1-B3AA-8E1D69E20D37}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{5E3162C5-FB3B-45E7-AAAE-B99BBBFA3A63}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [{E5EC2341-7ED7-4F7E-8555-79B95634CB49}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{47E25583-68A0-4111-BB48-6F39AD17B137}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{EFEC4CE0-8B9E-409B-8622-914211F82434}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{99C490BB-AA39-4CA9-8ED6-450BDB66A588}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{682F572A-EFA7-4090-A033-78E564E49883}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{AB7CE6E2-DA04-416A-BBC6-6587895A9067}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{C5A72D48-42F2-4142-BCDE-08C47DC7A684}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{931FD824-1193-4640-9031-A0AAB32B9DBF}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{498FABEE-2903-4791-A288-B2483BA54951}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{9F4BC991-69AE-47B7-BD36-A123C383E16D}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5651ECA-3978-43E1-97DC-8531CFA7DEDF}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D49A019F-2BD0-40C0-8AF0-3F415E2C1FA6}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{FF558230-5D62-4F98-A35F-7AB0029D50AC}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8137D1EB-C72E-4366-975B-DEB43C7FD01C}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E6323F55-855F-4D22-AA6E-4B983BEE74B3}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E05E572F-4218-43AA-9D43-D7D39C1E980E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{8D59CBD9-2718-4D22-88E6-0510686D4465}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{809F83AB-4D26-4A4C-8A09-476AB28CC1E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{34E249B1-D8CF-414D-8E91-05DE7B44EC9B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1DAD2631-B15E-4D40-9007-DB544DC4979C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{54F649E5-948A-42FF-B328-A3E9DD76DB0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2FA5BB3E-0633-47D4-AE80-8EB0C1796C88}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9E5DCF8E-193C-4302-A802-43CCC87F09A7}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{D5C8311D-1671-4395-BBC2-58B580DD0442}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{EF9504C1-CC1F-4460-94DC-1CFD979BDA8F}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{EFBACA34-F7A1-4822-954B-E8CA986E602D}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{F1F7682C-675B-41C8-8AAD-9DB00CBF31FB}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{014AE090-6ECB-45B2-B151-13C8E2F930B1}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{81A51F57-493D-46E3-9D14-6A5C30D987C2}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{45111B9F-D6D0-47B8-ABB8-6E8AD53BE625}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{942D62ED-92B6-40C4-ABBC-1CDE66984410}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{9AFAE17B-DF8E-4B6A-A7CD-F8C2A184AB7E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F63471CA-A3EC-4DDA-AE36-432EEF3FCF6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B846B665-9E6A-4D4A-9E7F-5F5A97078F9A}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (Pearl abyss Corp -> Pearlabyss)
FirewallRules: [{98676DB0-E980-4597-893D-4DC59EF42BA7}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (Pearl abyss Corp -> Pearlabyss)
FirewallRules: [{F47493F5-143B-4FBD-83C1-B2298DC9EEF9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A77F393-6B0A-475F-B245-C9C0071AD51C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB23C26E-280E-47FE-BC51-F78C79C526A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{627BBCC0-4C4C-4BCB-9532-7A4F0D5D2367}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F696734C-8A40-4807-9E3A-9AE5CC79779D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF0D3F48-306F-4C53-9C3A-0F0F84D0821A}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{A7915891-C99B-4086-9A18-E5A4ACC385C9}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{21EA6D8C-555E-49D1-B61C-75EF33BCEADE}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{02D2F8EA-6573-4E78-B69F-7572F260490B}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{BF63DA8D-F86E-4204-95A9-3117CE6F6967}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{0D10659E-C9A7-47C9-B87E-C4CCBC91AFE1}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{66335E88-D49B-4A40-BCD6-8991A6651793}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FE7B9AC-93CB-4B01-AD0D-44DF89FAB698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A09538A-F76B-4F1E-AF56-7D8641AFA205}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DB6380D-4654-4A9D-80B1-FCE5F78123DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{92ECD51C-4BEE-4E37-AC69-4EE8BA05CA88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A19D2F62-5289-4628-95C6-6B43332FD57E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC11C8D7-DCA0-4196-90B8-B90BB8E0F540}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B3219114-AF6B-4986-BE96-DD5236579555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D0D5EBFF-BBF0-4AA9-87AB-25948CFEFB3C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{203FFD7D-98EB-424C-8828-5DE9D117A253}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D6663BC8-10E9-4CB9-898C-120EE826D723}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CFCE9CF9-5C96-414D-BC51-F2DA5199F54E}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D76DF6E4-E186-4FDB-BC40-512054C83168}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{4FCD05E5-5F8B-4035-AEBD-7332B9A07E84}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B24396F9-057B-4825-BEFE-993349D29E84}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{459FC2DC-74D8-44B9-A14F-EA3F22D124C1}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{02160530-8DC3-4E04-9ED0-2806A01F87B1}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{ED58B9FD-CB8A-41BC-A8A4-B1DEE0E44744}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.29 GB) (Free:29.02 GB) (26%)

==================== Faulty Device Manager Devices ============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther Corporation
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2021 10:24:56 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:44:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:44:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:41:50 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:40:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:22:33 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:22:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:20:12 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (10/26/2021 10:09:03 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Gaming Services byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 09:52:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EraserSvc11912 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/26/2021 09:52:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EraserSvc11911 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/26/2021 09:51:52 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (10/26/2021 09:51:04 AM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY)
Description: Službu BITS se nezdařilo spustit. Chyba 2147500053.

Error: (10/26/2021 09:43:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hotspot Shield Service 10.22.4 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2021 09:43:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2021 09:43:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2021-10-26 09:55:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F52 08/03/2020
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 2600X Six-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 16335.43 MB
Available physical RAM: 9919.68 MB
Total Virtual: 25039.43 MB
Available Virtual: 14542.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.29 GB) (Free:29.02 GB) NTFS
Drive d: (škola) (Fixed) (Total:37.27 GB) (Free:33.22 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:931.4 GB) (Free:210.74 GB) NTFS

\\?\Volume{1a613d24-dd4d-40d1-8387-07f300dc213d}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{bf37e43f-f555-c906-93c7-a1f771a2cef9}\ () (Fixed) (Total:0.41 GB) (Free:0 GB) NTFS
\\?\Volume{126f0fba-3125-46dd-b0d9-efcbe18e62db}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 37.3 GB) (Disk ID: A49DC55B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 54B26478)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.

==================== End of Addition.txt =======================

Here is the log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by Draeg (administrator) on DESKTOP-AS0B6H5 (Gigabyte Technology Co., Ltd. A320M-S2H) (26-10-2021 10:15:10)
Running from E:\Stažené soubory
Loaded Profiles: Draeg
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361901.inf_amd64_204a65b18f2a904a\B361909\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0361901.inf_amd64_204a65b18f2a904a\B361909\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(Electronic Arts, Inc. -> Electronic Arts) E:\origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <30>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Draeg\AppData\Local\Microsoft\OneDrive\21.205.1003.0003\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Draeg\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.58.14001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe
(OOO "XMAC" -> ) E:\HoneyGain\Honeygain.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.181.0.11\OverwolfHelper.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.181.0.11\OverwolfHelper64.exe
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe <3>
(Overwolf Ltd -> Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Pango Inc. -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) E:\Steam\steam.exe
(ZONER software, a.s. -> ZONER software) C:\Users\Draeg\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [961824 2019-08-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [101284632 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Steam] => E:\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [EpicGamesLauncher] => E:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33310688 2021-09-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Draeg\AppData\Local\Microsoft\Teams\Update.exe [2455256 2021-10-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-10-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Draeg\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [811680 2021-06-18] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-26] (Google LLC -> Google LLC)
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HoneygainUpdater.lnk [2021-06-02]
ShortcutTarget: HoneygainUpdater.lnk -> E:\HoneyGain\HoneygainUpdater.exe (OOO "XMAC" -> Honeygain)
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-04-07]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {187122C7-08CD-44C4-A7D8-DFD39170CB14} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1B8DA55F-A5A7-47ED-806B-B9262D21A383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {2177EF77-AD1E-42A9-A0E1-2509F11B2CCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {254BDDD3-167E-4B2B-B3ED-B3D0628E8C8B} - System32\Tasks\AutoStartTask => C:\Users\Draeg\AppData\Local\DriverAssist\app-5.0.0-retail0017\DriverAssist.exe
Task: {2B1D3125-1C73-4FB4-B2FC-0DC129FBDE27} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {332B38CB-A22B-4F87-9AC0-57991BEE5A7C} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {395904E9-A4A6-4B4D-83F6-B47877F91FA8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.9.25\WSCStub.exe [646520 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {3F0BB5CC-070F-44BA-8BF0-715268CCA792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {4C641AD1-18F6-4EAD-8463-885D3127B507} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {63AF28E3-D229-4AFF-BDF0-4CA046E23D04} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {70C2E10E-127A-4831-A023-DF1DCCE29D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {797E78AB-E220-4922-B6C5-9BE90D22E6CC} - System32\Tasks\Zoner.Updater.S-1-5-21-2893592886-4133754699-2489620301-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1602464 2021-07-09] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {80D5F719-0A51-4268-A179-BDB6741A5413} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {939E8F2F-8E79-40DA-A6DC-5C3EAD837995} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5C9DA60-5A61-4C88-ADE1-A79F4512CEB4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE08FBEE-02AD-4C3A-903E-187C7905814A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
Task: {B2BAFC0F-CEAE-48F2-B5E3-C1B7693CC993} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {B77A2B5D-971A-4531-B1E4-78984196B0CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC81F515-3543-4BF3-BB51-7815F5A4F631} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2020-12-04] () [File not signed]
Task: {E734585E-F45C-4941-B21D-A61A36536769} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BF519F-8D76-4D1E-8B2A-15B30C1226D3} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {F5CC1621-B5B8-4462-AB50-CB949F4AB376} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {FD4DE7DC-9A49-4528-B5C9-9AFEFCC735F9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{01e84170-00bb-4287-a61e-bf149ab03eaf}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Draeg\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-25]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR DownloadDir: E:\Stažené soubory
CHR HomePage: Default -> hxxps//www.seznam.cz/
CHR StartupUrls: Default -> "hxxp//www.omniboxes.com/?type=hp&ts=142409595 ... oogle.com/"
CHR Extension: (Prezentace) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-25]
CHR Extension: (Dokumenty) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-25]
CHR Extension: (Disk Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-10-26]
CHR Extension: (YouTube) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (Watch2Gether) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-06-01]
CHR Extension: (Tampermonkey) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-04]
CHR Extension: (Anti Testportal) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgfbfopkfdfmlfdpmoanamopdnibhkl [2021-02-25]
CHR Extension: (Tabulky) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-25]
CHR Extension: (Norton Safe Web) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (Hangouts Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
R2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9846680 2021-10-26] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-10-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-08] (HP Inc. -> HP Inc.)
R2 hshld_10.22.4; C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe [242776 2021-10-22] (Pango Inc. -> Pango Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe [343336 2021-09-29] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe [1058664 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2021-03-22] (Even Balance, Inc. -> )
S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1934744 2021-07-22] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; E:\oracle\Virtual Box\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 wampapache64; E:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; E:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
S3 wampmysqld64; E:\wamp64\bin\mysql\mysql8.0.18\bin\mysqld.exe [48781920 2019-09-20] (Oracle America, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 EraserSvc11911; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NortonSecurity.exe" /h ccCommon [X]
S2 EraserSvc11912; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NortonSecurity.exe" /h ccCommon [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20211020.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\ccSetx64.sys [192256 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-10-14] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-02-10] (Symantec Corporation -> Broadcom)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-12-25] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 hsstap; C:\Windows\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20211025.061\IDSvia64.sys [1480144 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2021-01-02] (SoftEther Corporation -> SoftEther Corporation)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [74616 2020-12-11] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\nsvst.sys [56080 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1615090.019\SRTSP64.SYS [892600 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1615090.019\SRTSPX64.SYS [48832 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1615090.019\SYMEFASI64.SYS [2059952 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1615090.019\SymELAM.sys [31976 2021-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1615090.019\Ironx64.SYS [319176 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1615090.019\symnets.sys [575344 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 vjoy; C:\Windows\system32\DRIVERS\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [433384 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\wpCtrlDrv.sys [1015760 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 10:02 - 2021-10-26 10:15 - 000000000 ____D C:\FRST
2021-10-26 09:45 - 2021-10-26 09:45 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2021-10-26 09:39 - 2021-10-26 09:40 - 000000000 ____D C:\AdwCleaner
2021-10-25 14:46 - 2021-10-25 14:46 - 000075712 _____ C:\Users\Draeg\Documents\sezona2021.veg
2021-10-25 12:30 - 2021-10-25 17:53 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\vlc
2021-10-25 12:30 - 2021-10-25 12:30 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-10-25 12:30 - 2021-10-25 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-10-25 12:30 - 2021-10-25 12:30 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-10-24 21:49 - 2021-10-24 21:49 - 000000000 ____D C:\Users\Draeg\AppData\Local\NPE
2021-10-24 13:44 - 2021-10-24 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2021-10-24 13:44 - 2021-10-24 13:44 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2021-10-24 13:44 - 2021-10-22 10:08 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys
2021-10-22 16:47 - 2021-10-22 16:47 - 001720972 _____ C:\Windows\Minidump\102221-12781-01.dmp
2021-10-22 16:35 - 2021-10-22 16:35 - 000025576 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_138117435135266.dll
2021-10-22 09:56 - 2021-10-22 10:18 - 000000000 ____D C:\Users\Draeg\Downloads\bot
2021-10-22 09:44 - 2021-10-22 09:44 - 000000000 ____D C:\Users\Draeg\AppData\Local\Yandex
2021-10-21 19:52 - 2021-10-22 16:47 - 1560943642 _____ C:\Windows\MEMORY.DMP
2021-10-21 19:52 - 2021-10-22 16:47 - 000000000 ____D C:\Windows\Minidump
2021-10-21 19:52 - 2021-10-21 19:52 - 002520332 _____ C:\Windows\Minidump\102121-12109-01.dmp
2021-10-15 17:28 - 2021-10-15 17:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-15 17:28 - 2021-10-15 17:28 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-15 17:27 - 2021-10-15 17:27 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-15 17:27 - 2021-10-15 17:27 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-15 17:27 - 2021-10-15 17:27 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-15 17:27 - 2021-10-15 17:27 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-15 17:27 - 2021-10-15 17:27 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-15 17:27 - 2021-10-15 17:27 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-15 17:27 - 2021-10-15 17:27 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-15 17:27 - 2021-10-15 17:27 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-15 17:20 - 2021-10-15 17:20 - 000000000 ___HD C:\$WinREAgent
2021-10-10 14:47 - 2021-10-10 14:47 - 000000605 _____ C:\Users\Draeg\Desktop\Riot Client.lnk
2021-10-09 13:49 - 2021-10-26 09:57 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security
2021-10-09 13:49 - 2021-10-09 13:49 - 000003376 _____ C:\Windows\system32\Tasks\Norton WSC Integration
2021-10-09 13:49 - 2021-10-09 13:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-10-01 16:52 - 2021-10-13 18:04 - 000000000 ____D C:\Users\Draeg\AppData\Local\Persona
2021-10-01 16:52 - 2021-10-01 16:52 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\AGS
2021-10-01 16:51 - 2021-10-01 16:51 - 000000000 ____D C:\Users\Draeg\AppData\Local\AGS
2021-10-01 13:10 - 2021-10-01 13:10 - 000000203 _____ C:\Users\Draeg\Desktop\New World.url
2021-09-29 20:36 - 2021-09-29 20:36 - 000002249 _____ C:\Users\Public\Desktop\EA.lnk
2021-09-28 19:41 - 2021-10-22 12:10 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Code
2021-09-28 19:41 - 2021-10-22 10:31 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-09-28 19:41 - 2021-09-28 19:41 - 000000730 _____ C:\Users\Draeg\Desktop\Visual Studio Code.lnk
2021-09-28 19:41 - 2021-09-28 19:41 - 000000000 ____D C:\Users\Draeg\.vscode

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 10:09 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-26 10:04 - 2020-12-24 23:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 10:02 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-26 09:58 - 2020-12-24 23:35 - 001693576 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-26 09:58 - 2019-12-07 16:43 - 000716874 _____ C:\Windows\system32\perfh005.dat
2021-10-26 09:58 - 2019-12-07 16:43 - 000145052 _____ C:\Windows\system32\perfc005.dat
2021-10-26 09:52 - 2021-01-29 21:08 - 000002321 _____ C:\Users\Draeg\Desktop\Porofessor.gg.lnk
2021-10-26 09:52 - 2021-01-29 21:05 - 000000000 ____D C:\Users\Draeg\AppData\Local\Overwolf
2021-10-26 09:52 - 2020-12-25 01:01 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2021-10-26 09:52 - 2020-12-25 00:55 - 000000000 ___RD C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova
2021-10-26 09:52 - 2020-12-25 00:51 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-10-26 09:52 - 2020-12-24 23:33 - 000000000 ___RD C:\Users\Draeg\OneDrive
2021-10-26 09:52 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-10-26 09:51 - 2020-12-24 23:56 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-10-26 09:51 - 2020-09-27 09:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-26 09:51 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-26 09:51 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-10-26 09:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-26 08:59 - 2020-12-25 00:06 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-26 08:59 - 2020-12-25 00:06 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 22:19 - 2020-12-25 01:30 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\discord
2021-10-25 22:06 - 2020-12-25 01:30 - 000000000 ____D C:\Users\Draeg\AppData\Local\Discord
2021-10-25 21:04 - 2020-09-27 07:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-25 16:21 - 2020-12-25 01:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-10-25 14:46 - 2021-01-28 19:48 - 000000000 ____D C:\Users\Draeg\AppData\LocalLow\Adobe
2021-10-25 14:22 - 2020-12-24 23:34 - 000000000 ____D C:\Users\Draeg\AppData\Local\PlaceholderTileLogoFolder
2021-10-25 13:45 - 2020-12-24 23:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\Packages
2021-10-25 13:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-25 12:12 - 2021-01-30 00:26 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\VEGAS
2021-10-25 08:21 - 2021-01-29 21:07 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-10-24 21:49 - 2020-12-25 00:16 - 000000000 ____D C:\ProgramData\Norton
2021-10-24 16:53 - 2020-12-24 23:50 - 000000000 ____D C:\Users\Draeg\AppData\Local\D3DSCache
2021-10-24 13:44 - 2021-08-30 08:14 - 000001251 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2021-10-24 13:44 - 2021-01-02 13:12 - 000000000 ____D C:\ProgramData\Hotspot Shield
2021-10-24 13:44 - 2020-12-25 00:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-22 23:22 - 2020-12-24 23:30 - 000000000 ____D C:\Users\Draeg
2021-10-22 19:49 - 2020-12-25 14:41 - 002220488 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2021-10-22 19:49 - 2020-12-25 14:41 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000324048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000217544 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000197040 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000061896 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2021-10-22 18:42 - 2020-09-27 09:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-22 18:42 - 2020-09-27 09:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-22 13:26 - 2020-12-25 01:36 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\TS3Client
2021-10-22 09:45 - 2021-01-13 13:59 - 000000000 ____D C:\Users\Draeg\AppData\Local\CrashDumps
2021-10-21 19:31 - 2020-12-24 23:33 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2893592886-4133754699-2489620301-1001
2021-10-21 19:31 - 2020-12-24 23:30 - 000002381 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-21 19:30 - 2020-12-25 00:53 - 000000000 ____D C:\Users\Draeg\AppData\Local\AMD_Common
2021-10-19 18:27 - 2020-12-25 01:21 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-15 19:04 - 2020-09-27 07:55 - 000533528 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-15 19:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-15 17:30 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-14 18:47 - 2020-12-24 23:38 - 000000000 ____D C:\Windows\system32\MRT
2021-10-14 18:45 - 2020-12-24 23:38 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-13 15:12 - 2020-12-25 13:02 - 000000000 ____D C:\ProgramData\Zoner
2021-10-12 18:55 - 2020-12-27 16:28 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\.minecraft
2021-10-12 14:43 - 2020-09-27 09:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-10 14:47 - 2020-12-25 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-10-10 12:36 - 2020-09-27 09:58 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 12:36 - 2020-09-27 09:58 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 16:08 - 2020-12-25 01:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-10-09 13:49 - 2020-12-25 00:23 - 000002420 _____ C:\Users\Public\Desktop\Norton Security.lnk
2021-10-09 13:49 - 2020-12-25 00:16 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2021-10-01 17:59 - 2020-12-24 23:52 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 17:59 - 2020-12-24 23:52 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-01 16:51 - 2021-03-25 11:45 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\EasyAntiCheat
2021-10-01 16:32 - 2020-12-25 12:17 - 000002368 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-10-01 16:32 - 2020-12-25 12:17 - 000002360 _____ C:\Users\Draeg\Desktop\Microsoft Teams.lnk
2021-10-01 14:48 - 2021-02-12 18:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 13:42 - 2020-12-24 23:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\ConnectedDevicesPlatform
2021-10-01 13:10 - 2021-06-16 08:00 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-29 20:36 - 2021-03-19 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2021-09-29 19:29 - 2020-12-25 01:30 - 000002231 _____ C:\Users\Draeg\Desktop\Discord.lnk

==================== Files in the root of some directories ========

2021-01-28 19:48 - 2021-03-11 20:05 - 000000033 _____ () C:\Users\Draeg\AppData\Roaming\AdobeWLCMCache.dat
2021-01-20 09:24 - 2021-01-20 09:24 - 000000110 _____ () C:\Users\Draeg\AppData\Roaming\debug.log
2021-01-31 10:52 - 2021-05-20 11:21 - 000007380 _____ () C:\Users\Draeg\AppData\Local\oobelibMkey.log
2021-09-21 21:03 - 2021-09-21 21:03 - 000000715 _____ () C:\Users\Draeg\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have a feeling there is something in my computer, most likely malware, logs in the post

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

lemonak
Visitor
Visitor
Posts: 6
Registered: 26 Oct 2021 09:11

Re: I have a feeling there is something in my computer, most likely malware, logs in the post

#3 Post by lemonak »

here is the log from the program


# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-08.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-26-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig

***** [ Chromium URLs ] *****

Deleted WebSearch
Deleted WebSearch
Deleted http://www.mystartsearch.com/?type=hp&t ... 9255592555
Deleted http://www.mystartsearch.com/?type=hp&t ... 9255592555
Deleted http://www.mystartsearch.com/?type=hp&t ... 9255592555
Deleted http://www.mystartsearch.com/?type=hp&t ... 9255592555
Deleted http://www.omniboxes.com/?type=hp&ts=14 ... 9255592555
Deleted http://www.oursurfing.com/?type=hp&ts=1 ... 9255592555
Deleted oursurfing

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1405 octets] - [26/10/2021 09:42:44]
AdwCleaner[C00].txt - [1613 octets] - [26/10/2021 09:43:03]
AdwCleaner[S01].txt - [2542 octets] - [26/10/2021 11:31:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have a feeling there is something in my computer, most likely malware, logs in the post

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

lemonak
Visitor
Visitor
Posts: 6
Registered: 26 Oct 2021 09:11

Re: I have a feeling there is something in my computer, most likely malware, logs in the post

#5 Post by lemonak »

addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Draeg (26-10-2021 14:41:33)
Running from E:\Stažené soubory
Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2020-12-24 21:28:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2893592886-4133754699-2489620301-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2893592886-4133754699-2489620301-503 - Limited - Disabled)
Draeg (S-1-5-21-2893592886-4133754699-2489620301-1001 - Administrator - Enabled) => C:\Users\Draeg
Guest (S-1-5-21-2893592886-4133754699-2489620301-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2893592886-4133754699-2489620301-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security (Enabled - Up to date) {AECE2126-F4E7-6909-11F2-1B69D1FBCBD0}
AV: Norton Security (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
FW: Norton Security (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Norton Security (Enabled) {96F5A003-BE88-6851-3AAD-B25C2F288CAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated)
Adobe Illustrator CC 2017 (HKLM-x32\...\ILST_21_0_0) (Version: 21.0.0 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.12.1 - Advanced Micro Devices, Inc.)
Anaconda3 2021.05 (Python 3.8.8 64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Anaconda3 2021.05 (Python 3.8.8 64-bit)) (Version: 2021.05 - Anaconda, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Cisco Packet Tracer 8.0 64Bit (HKLM\...\Cisco Packet Tracer 8.0 64Bit_is1) (Version: - Cisco Systems, Inc.)
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
Discord (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
EA app (HKLM\...\{C2622085-ABD2-49E5-8AB9-D3D6A642C091}) (Version: 12.0.148.5025 - Electronic Arts) Hidden
EA app (HKLM-x32\...\{d3e84f4a-a180-492d-985f-40cdbc8681a1}) (Version: 12.0.148.5025 - Electronic Arts)
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{0B736177-814A-4ADE-81D1-66A0FDD55BB4}) (Version: 1.1.11.0 - Epic Games, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Honeygain (HKLM-x32\...\{C1922E93-B15E-460D-9C01-53E71109C2C6}) (Version: 0.10.2.0 - Honeygain)
Hotspot Shield 10.22.4 (HKLM-x32\...\{4de134ec-1612-4548-bed4-35bf05f8cfe2}) (Version: 10.22.4.12022 - Pango Inc.)
Hotspot Shield 10.22.4 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925F287F119}) (Version: 10.22.4.12022 - Pango Inc.) Hidden
Hotspot Shield 10.22.4 (HKLM-x32\...\HotspotShield) (Version: 10.22.4 - Pango Inc.) Hidden
HotspotShield TAP-Windows 9.24.4 (HKLM\...\HotspotShield TAP-Windows) (Version: 9.24.4 - Pango Inc.) Hidden
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version: - Cheat Engine)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
JavaFX Scene Builder 2.0 (HKLM-x32\...\{B4665EB1-1F7A-44F5-AD07-C20A938E8BC2}) (Version: 2.0 - Oracle)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.14430.20306 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\OneDriveSetup.exe) (Version: 21.205.1003.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Teams) (Version: 1.4.00.26376 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.61.2 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{27B34E47-68AE-4802-822A-9F0C187AF84A}) (Version: 1.0.0.0 - Mojang)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Norton Security (HKLM-x32\...\NGC) (Version: 22.21.9.25 - NortonLifeLock Inc)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.10 - Nmap Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20306 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.91.46291 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.181.0.11 - Overwolf Ltd.)
Porofessor.gg (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Overwolf_pibhbkkgefgheeglaeemkkfjlhidhcedalapdggh) (Version: 2.7.43 - Overwolf app)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.4.543 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 3.9.6 (64-bit) (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\{178e8fd0-1b1d-4cdf-8e5c-f5f53d25e0e4}) (Version: 3.9.6150.0 - Python Software Foundation)
Python 3.9.6 Core Interpreter (64-bit) (HKLM\...\{C4B7FF79-1195-436F-AA85-28EE995151B7}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Development Libraries (64-bit) (HKLM\...\{D6580352-5B95-49A9-B2F3-313D12D13968}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Documentation (64-bit) (HKLM\...\{2994270E-FE74-49E5-98BB-E65F5F0EC304}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Executables (64-bit) (HKLM\...\{9BE9E7F0-F9F1-487B-A2FC-790CD2898388}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 pip Bootstrap (64-bit) (HKLM\...\{69BCB7EC-54AF-47F2-A891-D335CE44A530}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Standard Library (64-bit) (HKLM\...\{4DD10049-CC97-48AE-BE76-4CB6E3111F7B}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Tcl/Tk Support (64-bit) (HKLM\...\{7C56D977-225C-4EBA-8308-E47DF9FA867F}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Test Suite (64-bit) (HKLM\...\{5C5B7907-C4E8-4E09-8CD6-3E844C7D65E2}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python 3.9.6 Utility Scripts (64-bit) (HKLM\...\{511119D2-41C4-48E1-A3DA-0A6A1E68AC76}) (Version: 3.9.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3CC89AD9-6FF2-40BE-ADF4-8ADDD3030FCE}) (Version: 3.9.7483.0 - Python Software Foundation)
Quest Software Toad Data Modeler Freeware 2.25 (HKLM-x32\...\Quest Software Toad Data Modeler Freeware 2.25_is1) (Version: - Quest Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8773.1 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
SPEEDLINK STRIKE Gamepad (HKLM-x32\...\{DFF7CD2E-2BB5-40C3-9592-078F64677EFF}) (Version: 1.00.0000 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.26064 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 117.0.10324 - Ubisoft)
USB RACING WHEEL (HKLM-x32\...\{DED994FF-D39B-4937-9DB9-87EC4E91B316}) (Version: 1.00.0000 - Y-J-R)
VEGAS Pro 18.0 (HKLM\...\{75111FE1-CE55-11EA-8B12-00155D43CFCE}) (Version: 18.0.284 - VEGAS)
vJoy Device Driver 2.1.9.1 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.9.1 - Shaul Eizikovich)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vzum (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.38 - Vzum)
Wampserver64 3.2.0 (HKLM\...\{wampserver64}_is1) (Version: 3.2.0 - Dominique Ottello aka Otomatic)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wireshark 3.4.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.4.3 - The Wireshark developer community, hxxps//www.wireshark.org)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoner Photo Studio X CS (HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\ZPS X) (Version: 19.2103.2.324 - ZONER software)

Packages:
=========
1938 MG TA Midget -> C:\Program Files\WindowsApps\Microsoft.MGTA38_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1966 Volkswagen Double Cab Pick-Up -> C:\Program Files\WindowsApps\Microsoft.VWDoubleCab61_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1970 Triumph TR6 PI -> C:\Program Files\WindowsApps\Microsoft.TRITR670_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
1972 Lamborghini Jarama S -> C:\Program Files\WindowsApps\Microsoft.LAMJarama76_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2017 Ferrari GTC4Lusso -> C:\Program Files\WindowsApps\Microsoft.ERGTC4Lusso_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2018 Chevrolet Camaro ZL1 1LE -> C:\Program Files\WindowsApps\Microsoft.CHECamaro1LE18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2018 Morgan Aero GT -> C:\Program Files\WindowsApps\Microsoft.MORAeroGT19_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
2019 Chevrolet Corvette ZR1 -> C:\Program Files\WindowsApps\Microsoft.CHECorvetteZR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-10-25] (Microsoft Corporation)
Forza Horizon 4 1965 Peel Trident -> C:\Program Files\WindowsApps\Microsoft.PEETrident_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2005 Honda NSX-R GT -> C:\Program Files\WindowsApps\Microsoft.HONNSXRGT_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 -> C:\Program Files\WindowsApps\Microsoft.SunriseBaseGame_1.474.687.2_x64__8wekyb3d8bbwe [2021-08-30] (Microsoft Studios)
Forza Horizon 4 1929 Mercedes-Benz SSK -> C:\Program Files\WindowsApps\Microsoft.MercedesBenzSSK_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1953 Jaguar C-Type -> C:\Program Files\WindowsApps\Microsoft.JAGCType_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1959 Cadillac Eldorado Biarritz Convertible -> C:\Program Files\WindowsApps\Microsoft.CADElDorado_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1959 Porsche 356A Coupe -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon41959Porsche356ACoupe_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1962 Triumph TR3B -> C:\Program Files\WindowsApps\Microsoft.TriumphTR3B_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1963 Opel Kadett A -> C:\Program Files\WindowsApps\Microsoft.OpelKadettA_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1965 Ford Transit -> C:\Program Files\WindowsApps\Microsoft.FORTransit_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1966 Hillman Imp -> C:\Program Files\WindowsApps\Microsoft.SUNImp_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1968 Ford Mustang GT 2+2 Fastback -> C:\Program Files\WindowsApps\Microsoft.FORMustangGT390_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1974 Honda Civic RS -> C:\Program Files\WindowsApps\Microsoft.HONCivicRS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1977 Hoonigan Ford Gymkhana 10 F-150 -> C:\Program Files\WindowsApps\Microsoft.FordGymkhana_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1985 Porsche #186 959 Paris-Dakar -> C:\Program Files\WindowsApps\Microsoft.Porsche186ParisDakar_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1993 Hoonigan Ford Escort Cosworth Group A -> C:\Program Files\WindowsApps\Microsoft.HooniganFordEscort_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 1993 Porsche 968 Turbo S -> C:\Program Files\WindowsApps\Microsoft.POR968TurboS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2002 Mazda RX-7 Spirit R Type-A -> C:\Program Files\WindowsApps\Microsoft.MazdaRX7SpiritR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2003 Honda S2000 -> C:\Program Files\WindowsApps\Microsoft.HondaS2000_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2004 Vauxhall VX220 -> C:\Program Files\WindowsApps\Microsoft.VauxhallVX220_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2005 Ferrari FXX -> C:\Program Files\WindowsApps\Microsoft.FerrariFXX_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2010 Vauxhall Insignia VXR -> C:\Program Files\WindowsApps\Microsoft.VauxhallInsigniaVXR_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2012 Lamborghini Gallardo LP570-4 Spyder Performante -> C:\Program Files\WindowsApps\Microsoft.LamborghiniGallardoLP5704_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2014 McLaren 650S Spider -> C:\Program Files\WindowsApps\Microsoft.MCL650SSpider_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2016 Honda Civic Coupe GRC -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42016HondaCivicCoupeGRC_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2017 Koenigsegg Agera RS -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42017KoenigseggAgeraRS_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Alfa Romeo Stelvio Quadrifoglio -> C:\Program Files\WindowsApps\Microsoft.AlfaStevio_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Aston Martin Vantage -> C:\Program Files\WindowsApps\Microsoft.ASTVantage18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Can-Am Maverick X3 X RS Turbo R -> C:\Program Files\WindowsApps\Microsoft.CanAmMaverick_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Ford Deberti Design Mustang Fastback -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon2018FordDebertiDesignMustang_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Chevrolet Silverado 1500 DeBerti Design Drift Truck -> C:\Program Files\WindowsApps\Microsoft.CHEDebertiDriftTruck_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 Nissan SentraNismo -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon42018NissanSentraNismo_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2018 TVR Griffith -> C:\Program Files\WindowsApps\Microsoft.TVRGriffith18_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2019 BMW i8 Roadster -> C:\Program Files\WindowsApps\Microsoft.BMWi8Roadster_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 2019 Porsche 911 Carrera S -> C:\Program Files\WindowsApps\Microsoft.POR992_1.0.0.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Barrett Jackson Car Pack -> C:\Program Files\WindowsApps\Microsoft.BJCarPack_1.0.1.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Best of Bond Car Pack -> C:\Program Files\WindowsApps\Microsoft.Day1CarPackBits_1.0.5.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Formula Drift Car Pack -> C:\Program Files\WindowsApps\Microsoft.FormulaDriftCarPack_1.0.3.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 Fortune Island -> C:\Program Files\WindowsApps\Microsoft.Expansion1_1.225.171.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 LEGO Speed Champions -> C:\Program Files\WindowsApps\Microsoft.Expansion2_1.312.645.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
Forza Horizon 4 VIP -> C:\Program Files\WindowsApps\Microsoft.ForzaHorizon4VIP_1.0.3.2_neutral__8wekyb3d8bbwe [2021-01-16] (Microsoft Studios)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-29] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-09] (Microsoft Studios) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.4.188.0_x64__dt26b99r8h8gj [2020-12-25] (Realtek Semiconductor Corp)
Sea of Thieves -> C:\Program Files\WindowsApps\Microsoft.SeaofThieves_2.105.3872.2_x64__8wekyb3d8bbwe [2021-10-21] (ms-resource:PublisherDisplayName)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0 [2021-10-13] (Spotify AB) [Startup Task]
Telly TV -> C:\Program Files\WindowsApps\4NET.TV.DIGI2GO_1.1.6.0_x64__2epghj4njp6fy [2021-01-23] (4NET.TV)
The Touryst -> C:\Program Files\WindowsApps\Shinen.TheTouryst_1.0.6.0_x64__9y1eezmggh3fe [2021-02-01] (Shin'en)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{04271989-C4D2-4FF5-359E-7F768727B0C6} -> [OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova] => C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova [2020-12-25 00:55]
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21161.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2020-12-07] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.21.9.25\buShell.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [NortonLifeLock.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.21.9.25\NavShExt.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2893592886-4133754699-2489620301-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (anaconda).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" E:\anaconda\Scripts\activate.bat E:\anaconda

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.21.9.25\coIEPlg.dll [2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-30] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\sharepoint.com -> hxxps://eskola-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2020-12-25 13:14 - 000000039 ____N C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VPN - VPN Client: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
VPN - VPN Client: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
VirtualBox Host-Only Network: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Připojení k místní síti: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)
Připojení k místní síti: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\StartupApproved\Run: => "electron.app.Honey Miner"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{762E22DE-3C23-45B0-ADDA-AE582D217DA3}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{AC27C5D5-81BE-4E45-898A-2FD0996D71D7}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3334B8D4-2A96-4403-99D3-B71758C6846C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9C0BC41B-0C8F-44C6-A0F7-2E965ABAEC29}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{760ECFED-30C9-49BD-9630-AAA043E016AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E17CF80-0AA3-4FE8-913A-AE1A4C7EBDB2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84BBAACE-28A3-4ECC-BBE5-15BF34A07BB3}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{50821D0C-0447-48CB-A305-D85745520898}] => (Allow) E:\Steam\steamapps\common\Red Dead Redemption 2\PlayRDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{E17B764B-F9AD-4A05-987C-19EFC6E142DE}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{73C2C48B-808A-4E41-8187-64CA631164F6}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{812E963D-F288-4D0C-A1CA-B183E9049DAD}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{A7A89DC4-3D6F-44A1-96DE-FFDE56C92B9A}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{64C85F5C-4424-48D0-B97A-29C6E3031580}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [UDP Query User{D29A3B5D-9CDD-41E1-B3AA-8E1D69E20D37}C:\program files\amd\cnext\cnext\radeonsoftware.exe] => (Allow) C:\program files\amd\cnext\cnext\radeonsoftware.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
FirewallRules: [{5E3162C5-FB3B-45E7-AAAE-B99BBBFA3A63}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [{E5EC2341-7ED7-4F7E-8555-79B95634CB49}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{47E25583-68A0-4111-BB48-6F39AD17B137}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{EFEC4CE0-8B9E-409B-8622-914211F82434}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{99C490BB-AA39-4CA9-8ED6-450BDB66A588}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{682F572A-EFA7-4090-A033-78E564E49883}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{AB7CE6E2-DA04-416A-BBC6-6587895A9067}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{C5A72D48-42F2-4142-BCDE-08C47DC7A684}] => (Allow) E:\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{931FD824-1193-4640-9031-A0AAB32B9DBF}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{498FABEE-2903-4791-A288-B2483BA54951}] => (Allow) E:\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe () [File not signed]
FirewallRules: [{9F4BC991-69AE-47B7-BD36-A123C383E16D}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D5651ECA-3978-43E1-97DC-8531CFA7DEDF}] => (Allow) C:\Users\Draeg\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D49A019F-2BD0-40C0-8AF0-3F415E2C1FA6}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{FF558230-5D62-4F98-A35F-7AB0029D50AC}] => (Allow) E:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{8137D1EB-C72E-4366-975B-DEB43C7FD01C}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E6323F55-855F-4D22-AA6E-4B983BEE74B3}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E05E572F-4218-43AA-9D43-D7D39C1E980E}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{8D59CBD9-2718-4D22-88E6-0510686D4465}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FirewallRules: [{809F83AB-4D26-4A4C-8A09-476AB28CC1E0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{34E249B1-D8CF-414D-8E91-05DE7B44EC9B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{1DAD2631-B15E-4D40-9007-DB544DC4979C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{54F649E5-948A-42FF-B328-A3E9DD76DB0F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{2FA5BB3E-0633-47D4-AE80-8EB0C1796C88}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{9E5DCF8E-193C-4302-A802-43CCC87F09A7}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client.exe (EasyAntiCheat Oy -> Epic Games, Inc)
FirewallRules: [{D5C8311D-1671-4395-BBC2-58B580DD0442}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{EF9504C1-CC1F-4460-94DC-1CFD979BDA8F}] => (Allow) E:\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{EFBACA34-F7A1-4822-954B-E8CA986E602D}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{F1F7682C-675B-41C8-8AAD-9DB00CBF31FB}] => (Allow) E:\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{014AE090-6ECB-45B2-B151-13C8E2F930B1}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{81A51F57-493D-46E3-9D14-6A5C30D987C2}] => (Allow) E:\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{45111B9F-D6D0-47B8-ABB8-6E8AD53BE625}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{942D62ED-92B6-40C4-ABBC-1CDE66984410}] => (Allow) E:\Steam\steamapps\common\Battlerite\Battlerite.exe (Stunlock Studios AB -> )
FirewallRules: [{9AFAE17B-DF8E-4B6A-A7CD-F8C2A184AB7E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F63471CA-A3EC-4DDA-AE36-432EEF3FCF6A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B846B665-9E6A-4D4A-9E7F-5F5A97078F9A}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (Pearl abyss Corp -> Pearlabyss)
FirewallRules: [{98676DB0-E980-4597-893D-4DC59EF42BA7}] => (Allow) E:\Steam\steamapps\common\Black Desert Online\BlackDesertLauncher.exe (Pearl abyss Corp -> Pearlabyss)
FirewallRules: [{F47493F5-143B-4FBD-83C1-B2298DC9EEF9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A77F393-6B0A-475F-B245-C9C0071AD51C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BB23C26E-280E-47FE-BC51-F78C79C526A4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{627BBCC0-4C4C-4BCB-9532-7A4F0D5D2367}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F696734C-8A40-4807-9E3A-9AE5CC79779D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF0D3F48-306F-4C53-9C3A-0F0F84D0821A}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{A7915891-C99B-4086-9A18-E5A4ACC385C9}] => (Allow) E:\Steam\steamapps\common\New World\NewWorldLauncher.exe (Amazon.com Services LLC -> EasyAntiCheat Ltd)
FirewallRules: [{21EA6D8C-555E-49D1-B61C-75EF33BCEADE}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{02D2F8EA-6573-4E78-B69F-7572F260490B}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin64\dontstarve_steam_x64.exe () [File not signed]
FirewallRules: [{BF63DA8D-F86E-4204-95A9-3117CE6F6967}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{0D10659E-C9A7-47C9-B87E-C4CCBC91AFE1}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe () [File not signed]
FirewallRules: [{66335E88-D49B-4A40-BCD6-8991A6651793}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1FE7B9AC-93CB-4B01-AD0D-44DF89FAB698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8A09538A-F76B-4F1E-AF56-7D8641AFA205}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5DB6380D-4654-4A9D-80B1-FCE5F78123DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{92ECD51C-4BEE-4E37-AC69-4EE8BA05CA88}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A19D2F62-5289-4628-95C6-6B43332FD57E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BC11C8D7-DCA0-4196-90B8-B90BB8E0F540}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B3219114-AF6B-4986-BE96-DD5236579555}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.170.610.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D0D5EBFF-BBF0-4AA9-87AB-25948CFEFB3C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{203FFD7D-98EB-424C-8828-5DE9D117A253}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D6663BC8-10E9-4CB9-898C-120EE826D723}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CFCE9CF9-5C96-414D-BC51-F2DA5199F54E}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D76DF6E4-E186-4FDB-BC40-512054C83168}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{4FCD05E5-5F8B-4035-AEBD-7332B9A07E84}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B24396F9-057B-4825-BEFE-993349D29E84}] => (Allow) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{459FC2DC-74D8-44B9-A14F-EA3F22D124C1}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{02160530-8DC3-4E04-9ED0-2806A01F87B1}] => (Block) C:\Program Files (x86)\Overwolf\0.181.0.11\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{ED58B9FD-CB8A-41BC-A8A4-B1DEE0E44744}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.29 GB) (Free:28.75 GB) (26%)

==================== Faulty Device Manager Devices ============

Name: VPN Client Adapter - VPN
Description: VPN Client Adapter - VPN
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SoftEther Corporation
Service: Neo_VPN
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/25/2021 10:24:56 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:44:40 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:44:22 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:41:50 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:40:06 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:22:33 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:22:10 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (10/25/2021 09:20:12 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-AS0B6H5)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (10/26/2021 11:33:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hotspot Shield Service 10.22.4 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba EABackgroundService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Origin Web Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AdobeUpdateService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2021 11:33:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2021-10-26 09:55:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\Program Files\Norton Security\Engine\22.21.9.25\symamsi.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. F52 08/03/2020
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 2600X Six-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 16335.43 MB
Available physical RAM: 10080.98 MB
Total Virtual: 25039.43 MB
Available Virtual: 15883.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.29 GB) (Free:28.75 GB) NTFS
Drive d: (škola) (Fixed) (Total:37.27 GB) (Free:33.22 GB) NTFS
Drive e: (Nový svazek) (Fixed) (Total:931.4 GB) (Free:210.74 GB) NTFS

\\?\Volume{1a613d24-dd4d-40d1-8387-07f300dc213d}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{bf37e43f-f555-c906-93c7-a1f771a2cef9}\ () (Fixed) (Total:0.41 GB) (Free:0 GB) NTFS
\\?\Volume{126f0fba-3125-46dd-b0d9-efcbe18e62db}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 37.3 GB) (Disk ID: A49DC55B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 54B26478)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 3.

==================== End of Addition.txt =======================



frst:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by Draeg (administrator) on DESKTOP-AS0B6H5 (Gigabyte Technology Co., Ltd. A320M-S2H) (26-10-2021 14:40:45)
Running from E:\Stažené soubory
Loaded Profiles: Draeg
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Draeg\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.58.14001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe
(Pango Inc. -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [961824 2019-08-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [101284632 2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [GoogleChromeAutoLaunch_32C7B48F92CD06D05B6EE9E3E54CA62B] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Steam] => E:\Steam\steam.exe [4267928 2021-10-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [EpicGamesLauncher] => E:\EpicGames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33310688 2021-09-07] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Draeg\AppData\Local\Microsoft\Teams\Update.exe [2455256 2021-10-01] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1806680 2021-10-07] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Draeg\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [811680 2021-06-18] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-18\...\Run: [] => [X]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-26] (Google LLC -> Google LLC)
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HoneygainUpdater.lnk [2021-06-02]
ShortcutTarget: HoneygainUpdater.lnk -> E:\HoneyGain\HoneygainUpdater.exe (OOO "XMAC" -> Honeygain)
Startup: C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2021-04-07]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {187122C7-08CD-44C4-A7D8-DFD39170CB14} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1B8DA55F-A5A7-47ED-806B-B9262D21A383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {2177EF77-AD1E-42A9-A0E1-2509F11B2CCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {254BDDD3-167E-4B2B-B3ED-B3D0628E8C8B} - System32\Tasks\AutoStartTask => C:\Users\Draeg\AppData\Local\DriverAssist\app-5.0.0-retail0017\DriverAssist.exe
Task: {2B1D3125-1C73-4FB4-B2FC-0DC129FBDE27} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {395904E9-A4A6-4B4D-83F6-B47877F91FA8} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.9.25\WSCStub.exe [646520 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {3F0BB5CC-070F-44BA-8BF0-715268CCA792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {427137F2-96CC-4880-A148-9D0C9D6C18E2} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {4C641AD1-18F6-4EAD-8463-885D3127B507} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {54286CFD-4534-4191-B07A-D658D624B255} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2353000 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {63AF28E3-D229-4AFF-BDF0-4CA046E23D04} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {70C2E10E-127A-4831-A023-DF1DCCE29D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5729224 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {797E78AB-E220-4922-B6C5-9BE90D22E6CC} - System32\Tasks\Zoner.Updater.S-1-5-21-2893592886-4133754699-2489620301-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [1602464 2021-07-09] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {80D5F719-0A51-4268-A179-BDB6741A5413} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {939E8F2F-8E79-40DA-A6DC-5C3EAD837995} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5C9DA60-5A61-4C88-ADE1-A79F4512CEB4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE08FBEE-02AD-4C3A-903E-187C7905814A} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
Task: {B77A2B5D-971A-4531-B1E4-78984196B0CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC81F515-3543-4BF3-BB51-7815F5A4F631} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2020-12-04] () [File not signed]
Task: {E734585E-F45C-4941-B21D-A61A36536769} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BF519F-8D76-4D1E-8B2A-15B30C1226D3} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.21.9.25\SymErr.exe [108752 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {F5CC1621-B5B8-4462-AB50-CB949F4AB376} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {FD4DE7DC-9A49-4528-B5C9-9AFEFCC735F9} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1710472 2020-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{01e84170-00bb-4287-a61e-bf149ab03eaf}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Draeg\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-25]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2021-09-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR DownloadDir: E:\Stažené soubory
CHR HomePage: Default -> hxxps//www.seznam.cz/
CHR StartupUrls: Default -> "hxxp//www.omniboxes.com/?type=hp&ts=142409595 ... oogle.com/"
CHR Extension: (Prezentace) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-25]
CHR Extension: (Dokumenty) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-25]
CHR Extension: (Disk Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-25]
CHR Extension: (JSON Formatter) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2021-10-26]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-10-26]
CHR Extension: (YouTube) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-25]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-01]
CHR Extension: (Watch2Gether) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cimpffimgeipdhnhjohpbehjkcdpjolg [2021-06-01]
CHR Extension: (Tampermonkey) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-04]
CHR Extension: (Anti Testportal) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgfbfopkfdfmlfdpmoanamopdnibhkl [2021-02-25]
CHR Extension: (Tabulky) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-25]
CHR Extension: (Norton Safe Web) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2021-10-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-14]
CHR Extension: (Hangouts Google) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2021-08-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Draeg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-11] (Microsoft Corporation -> Microsoft Corporation)
S2 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [9846680 2021-10-26] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-10-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [926176 2021-03-16] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-08] (HP Inc. -> HP Inc.)
R2 hshld_10.22.4; C:\Program Files (x86)\Hotspot Shield\10.22.4\bin\cmw_srv.exe [242776 2021-10-22] (Pango Inc. -> Pango Inc.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.9.25\NortonSecurity.exe [343336 2021-09-29] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.9.25\nsWscSvc.exe [1058664 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2533952 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3479624 2021-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2484568 2021-10-07] (Overwolf Ltd -> Overwolf LTD)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2021-03-22] (Even Balance, Inc. -> )
S3 Rockstar Service; E:\Rockstar Games\Launcher\RockstarService.exe [1934744 2021-07-22] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 VBoxSDS; E:\oracle\Virtual Box\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 wampapache64; E:\wamp64\bin\apache\apache2.4.41\bin\httpd.exe [29696 2019-08-09] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; E:\wamp64\bin\mariadb\mariadb10.4.10\bin\mysqld.exe [15837608 2019-11-07] (MariaDB Corporation Ab -> )
S3 wampmysqld64; E:\wamp64\bin\mysql\mysql8.0.18\bin\mysqld.exe [48781920 2019-09-20] (Oracle America, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 EraserSvc11911; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NortonSecurity.exe" /h ccCommon [X]
S2 EraserSvc11912; "C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\NortonSecurity.exe" /h ccCommon [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20211020.011\BHDrvx64.sys [2018784 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\ccSetx64.sys [192256 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-10-14] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-02-10] (Symantec Corporation -> Broadcom)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2020-12-25] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 hsstap; C:\Windows\System32\drivers\hsstap.sys [39424 2020-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Pango)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20211025.061\IDSvia64.sys [1480144 2021-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 Neo_VPN; C:\Windows\System32\drivers\Neo6_x64_VPN.sys [37824 2021-01-02] (SoftEther Corporation -> SoftEther Corporation)
R1 npcap; C:\Windows\system32\DRIVERS\npcap.sys [74616 2020-12-11] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\nsvst.sys [56080 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R1 pango_netfilter2; C:\Windows\System32\drivers\pango_netfilter2.sys [94600 2021-10-22] (Pango Inc. -> Pango Inc)
R1 SRTSP; C:\Windows\System32\drivers\NGCx64\1615090.019\SRTSP64.SYS [892600 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1615090.019\SRTSPX64.SYS [48832 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1615090.019\SYMEFASI64.SYS [2059952 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1615090.019\SymELAM.sys [31976 2021-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1615090.019\Ironx64.SYS [319176 2021-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1615090.019\symnets.sys [575344 2021-09-29] (Symantec Corporation -> Symantec Corporation)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 vjoy; C:\Windows\system32\DRIVERS\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [433384 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-18] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1615090.019\wpCtrlDrv.sys [1015760 2021-09-29] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
U4 npcap_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 14:36 - 2021-10-26 14:36 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2021-10-26 10:02 - 2021-10-26 14:40 - 000000000 ____D C:\FRST
2021-10-26 09:39 - 2021-10-26 09:40 - 000000000 ____D C:\AdwCleaner
2021-10-25 14:46 - 2021-10-25 14:46 - 000075712 _____ C:\Users\Draeg\Documents\sezona2021.veg
2021-10-25 12:30 - 2021-10-25 17:53 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\vlc
2021-10-25 12:30 - 2021-10-25 12:30 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-10-25 12:30 - 2021-10-25 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-10-25 12:30 - 2021-10-25 12:30 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-10-24 21:49 - 2021-10-24 21:49 - 000000000 ____D C:\Users\Draeg\AppData\Local\NPE
2021-10-24 13:44 - 2021-10-24 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2021-10-24 13:44 - 2021-10-24 13:44 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2021-10-24 13:44 - 2021-10-22 10:08 - 000094600 _____ (Pango Inc) C:\Windows\system32\Drivers\pango_netfilter2.sys
2021-10-22 16:47 - 2021-10-22 16:47 - 001720972 _____ C:\Windows\Minidump\102221-12781-01.dmp
2021-10-22 16:35 - 2021-10-22 16:35 - 000025576 _____ (EasyAntiCheat Oy) C:\Windows\system32\eac_usermode_138117435135266.dll
2021-10-22 09:56 - 2021-10-22 10:18 - 000000000 ____D C:\Users\Draeg\Downloads\bot
2021-10-22 09:44 - 2021-10-22 09:44 - 000000000 ____D C:\Users\Draeg\AppData\Local\Yandex
2021-10-21 19:52 - 2021-10-22 16:47 - 1560943642 _____ C:\Windows\MEMORY.DMP
2021-10-21 19:52 - 2021-10-22 16:47 - 000000000 ____D C:\Windows\Minidump
2021-10-21 19:52 - 2021-10-21 19:52 - 002520332 _____ C:\Windows\Minidump\102121-12109-01.dmp
2021-10-15 17:28 - 2021-10-15 17:28 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2021-10-15 17:28 - 2021-10-15 17:28 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2021-10-15 17:27 - 2021-10-15 17:27 - 001823296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-10-15 17:27 - 2021-10-15 17:27 - 001393504 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-10-15 17:27 - 2021-10-15 17:27 - 000706536 _____ C:\Windows\system32\TextShaping.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000611960 _____ C:\Windows\SysWOW64\TextShaping.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000593920 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-10-15 17:27 - 2021-10-15 17:27 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-10-15 17:27 - 2021-10-15 17:27 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-10-15 17:27 - 2021-10-15 17:27 - 000449024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-10-15 17:27 - 2021-10-15 17:27 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000203264 _____ C:\Windows\system32\uwfcfgmgmt.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000158208 _____ C:\Windows\system32\uwfcsp.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000098304 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-10-15 17:27 - 2021-10-15 17:27 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2021-10-15 17:27 - 2021-10-15 17:27 - 000011495 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-10-15 17:20 - 2021-10-15 17:20 - 000000000 ___HD C:\$WinREAgent
2021-10-10 14:47 - 2021-10-10 14:47 - 000000605 _____ C:\Users\Draeg\Desktop\Riot Client.lnk
2021-10-09 13:49 - 2021-10-26 12:03 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security
2021-10-09 13:49 - 2021-10-09 13:49 - 000003376 _____ C:\Windows\system32\Tasks\Norton WSC Integration
2021-10-09 13:49 - 2021-10-09 13:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-10-01 16:52 - 2021-10-13 18:04 - 000000000 ____D C:\Users\Draeg\AppData\Local\Persona
2021-10-01 16:52 - 2021-10-01 16:52 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\AGS
2021-10-01 16:51 - 2021-10-01 16:51 - 000000000 ____D C:\Users\Draeg\AppData\Local\AGS
2021-10-01 13:10 - 2021-10-01 13:10 - 000000203 _____ C:\Users\Draeg\Desktop\New World.url
2021-09-29 20:36 - 2021-09-29 20:36 - 000002249 _____ C:\Users\Public\Desktop\EA.lnk
2021-09-28 19:41 - 2021-10-26 11:33 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Code
2021-09-28 19:41 - 2021-10-22 10:31 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2021-09-28 19:41 - 2021-09-28 19:41 - 000000730 _____ C:\Users\Draeg\Desktop\Visual Studio Code.lnk
2021-09-28 19:41 - 2021-09-28 19:41 - 000000000 ____D C:\Users\Draeg\.vscode

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-26 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-26 14:05 - 2020-12-24 23:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 13:58 - 2020-09-27 07:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-26 11:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-26 11:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-26 10:02 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-26 09:58 - 2020-12-24 23:35 - 001693576 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-26 09:58 - 2019-12-07 16:43 - 000716874 _____ C:\Windows\system32\perfh005.dat
2021-10-26 09:58 - 2019-12-07 16:43 - 000145052 _____ C:\Windows\system32\perfc005.dat
2021-10-26 09:52 - 2021-01-29 21:08 - 000002321 _____ C:\Users\Draeg\Desktop\Porofessor.gg.lnk
2021-10-26 09:52 - 2021-01-29 21:05 - 000000000 ____D C:\Users\Draeg\AppData\Local\Overwolf
2021-10-26 09:52 - 2020-12-25 01:01 - 000003126 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2021-10-26 09:52 - 2020-12-25 00:55 - 000000000 ___RD C:\Users\Draeg\OneDrive - Vyssi odborna skola a Stredni skola technicka Ceska Trebova
2021-10-26 09:52 - 2020-12-25 00:51 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2021-10-26 09:52 - 2020-12-24 23:33 - 000000000 ___RD C:\Users\Draeg\OneDrive
2021-10-26 09:52 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-10-26 09:51 - 2020-12-24 23:56 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-10-26 09:51 - 2020-09-27 09:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-26 09:51 - 2020-09-27 07:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-26 09:51 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-10-26 08:59 - 2020-12-25 00:06 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-26 08:59 - 2020-12-25 00:06 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-25 22:19 - 2020-12-25 01:30 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\discord
2021-10-25 22:06 - 2020-12-25 01:30 - 000000000 ____D C:\Users\Draeg\AppData\Local\Discord
2021-10-25 16:21 - 2020-12-25 01:20 - 000000000 ____D C:\ProgramData\Riot Games
2021-10-25 14:46 - 2021-01-28 19:48 - 000000000 ____D C:\Users\Draeg\AppData\LocalLow\Adobe
2021-10-25 14:22 - 2020-12-24 23:34 - 000000000 ____D C:\Users\Draeg\AppData\Local\PlaceholderTileLogoFolder
2021-10-25 13:45 - 2020-12-24 23:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\Packages
2021-10-25 12:12 - 2021-01-30 00:26 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\VEGAS
2021-10-25 08:21 - 2021-01-29 21:07 - 000000000 ____D C:\Program Files (x86)\Overwolf
2021-10-24 21:49 - 2020-12-25 00:16 - 000000000 ____D C:\ProgramData\Norton
2021-10-24 16:53 - 2020-12-24 23:50 - 000000000 ____D C:\Users\Draeg\AppData\Local\D3DSCache
2021-10-24 13:44 - 2021-08-30 08:14 - 000001251 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2021-10-24 13:44 - 2021-01-02 13:12 - 000000000 ____D C:\ProgramData\Hotspot Shield
2021-10-24 13:44 - 2020-12-25 00:18 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-22 23:22 - 2020-12-24 23:30 - 000000000 ____D C:\Users\Draeg
2021-10-22 19:49 - 2020-12-25 14:41 - 002220488 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2021-10-22 19:49 - 2020-12-25 14:41 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000324048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000217544 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000197040 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2021-10-22 19:48 - 2020-12-25 14:41 - 000061896 _____ (Microsoft Corporation) C:\Windows\system32\gamemodcontrol.exe
2021-10-22 18:42 - 2020-09-27 09:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-22 18:42 - 2020-09-27 09:58 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-22 13:26 - 2020-12-25 01:36 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\TS3Client
2021-10-22 09:45 - 2021-01-13 13:59 - 000000000 ____D C:\Users\Draeg\AppData\Local\CrashDumps
2021-10-21 19:31 - 2020-12-24 23:33 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2893592886-4133754699-2489620301-1001
2021-10-21 19:31 - 2020-12-24 23:30 - 000002381 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-21 19:30 - 2020-12-25 00:53 - 000000000 ____D C:\Users\Draeg\AppData\Local\AMD_Common
2021-10-19 18:27 - 2020-12-25 01:21 - 000000000 ____D C:\Program Files\Microsoft Office
2021-10-15 19:04 - 2020-09-27 07:55 - 000533528 _____ C:\Windows\system32\FNTCACHE.DAT
2021-10-15 19:03 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\DiagTrack
2021-10-15 19:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-10-15 17:30 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-10-14 18:47 - 2020-12-24 23:38 - 000000000 ____D C:\Windows\system32\MRT
2021-10-14 18:45 - 2020-12-24 23:38 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-13 15:12 - 2020-12-25 13:02 - 000000000 ____D C:\ProgramData\Zoner
2021-10-12 18:55 - 2020-12-27 16:28 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\.minecraft
2021-10-12 14:43 - 2020-09-27 09:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-10 14:47 - 2020-12-25 01:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2021-10-10 12:36 - 2020-09-27 09:58 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 12:36 - 2020-09-27 09:58 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 16:08 - 2020-12-25 01:42 - 000000000 ____D C:\Program Files\Common Files\AV
2021-10-09 13:49 - 2020-12-25 00:23 - 000002420 _____ C:\Users\Public\Desktop\Norton Security.lnk
2021-10-09 13:49 - 2020-12-25 00:16 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2021-10-01 17:59 - 2020-12-24 23:52 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 17:59 - 2020-12-24 23:52 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-01 16:51 - 2021-03-25 11:45 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\EasyAntiCheat
2021-10-01 16:32 - 2020-12-25 12:17 - 000002368 _____ C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-10-01 16:32 - 2020-12-25 12:17 - 000002360 _____ C:\Users\Draeg\Desktop\Microsoft Teams.lnk
2021-10-01 14:48 - 2021-02-12 18:02 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-01 13:42 - 2020-12-24 23:32 - 000000000 ____D C:\Users\Draeg\AppData\Local\ConnectedDevicesPlatform
2021-10-01 13:10 - 2021-06-16 08:00 - 000000000 ____D C:\Users\Draeg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-09-29 20:36 - 2021-03-19 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
2021-09-29 19:29 - 2020-12-25 01:30 - 000002231 _____ C:\Users\Draeg\Desktop\Discord.lnk

==================== Files in the root of some directories ========

2021-01-28 19:48 - 2021-03-11 20:05 - 000000033 _____ () C:\Users\Draeg\AppData\Roaming\AdobeWLCMCache.dat
2021-01-20 09:24 - 2021-01-20 09:24 - 000000110 _____ () C:\Users\Draeg\AppData\Roaming\debug.log
2021-01-31 10:52 - 2021-05-20 11:21 - 000007380 _____ () C:\Users\Draeg\AppData\Local\oobelibMkey.log
2021-09-21 21:03 - 2021-09-21 21:03 - 000000715 _____ () C:\Users\Draeg\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have a feeling there's something in my computer, most likely malware, logs in the post

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FirewallRules: [{3334B8D4-2A96-4403-99D3-B71758C6846C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9C0BC41B-0C8F-44C6-A0F7-2E965ABAEC29}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{5E3162C5-FB3B-45E7-AAAE-B99BBBFA3A63}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [{E5EC2341-7ED7-4F7E-8555-79B95634CB49}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{47E25583-68A0-4111-BB48-6F39AD17B137}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{EFEC4CE0-8B9E-409B-8622-914211F82434}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{99C490BB-AA39-4CA9-8ED6-450BDB66A588}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{682F572A-EFA7-4090-A033-78E564E49883}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{203FFD7D-98EB-424C-8828-5DE9D117A253}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D6663BC8-10E9-4CB9-898C-120EE826D723}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CFCE9CF9-5C96-414D-BC51-F2DA5199F54E}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D76DF6E4-E186-4FDB-BC40-512054C83168}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
Task: {1B8DA55F-A5A7-47ED-806B-B9262D21A383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {3F0BB5CC-070F-44BA-8BF0-715268CCA792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U4 npcap_wifi; no ImagePath
C:\Users\Draeg\AppData\Local\Yandex
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to E:\Stažené soubory as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

lemonak
Visitor
Posts: 6
Registered: 26 Oct 2021 09:11

Re: I have a feeling there's something in my computer, most likely malware, logs in the post

#7 Post by lemonak »

fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by Draeg (26-10-2021 16:24:38) Run:1
Running from E:\Stažené soubory
Loaded Profiles: Draeg
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Draeg\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
FirewallRules: [{3334B8D4-2A96-4403-99D3-B71758C6846C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{9C0BC41B-0C8F-44C6-A0F7-2E965ABAEC29}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{5E3162C5-FB3B-45E7-AAAE-B99BBBFA3A63}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd_x64.exe => No File
FirewallRules: [{E5EC2341-7ED7-4F7E-8555-79B95634CB49}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient_x64.exe => No File
FirewallRules: [{47E25583-68A0-4111-BB48-6F39AD17B137}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr.exe => No File
FirewallRules: [{EFEC4CE0-8B9E-409B-8622-914211F82434}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmgr_x64.exe => No File
FirewallRules: [{99C490BB-AA39-4CA9-8ED6-450BDB66A588}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpncmd.exe => No File
FirewallRules: [{682F572A-EFA7-4090-A033-78E564E49883}] => (Allow) E:\SoftEthernet\SoftEther VPN Client\vpnclient.exe => No File
FirewallRules: [{203FFD7D-98EB-424C-8828-5DE9D117A253}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D6663BC8-10E9-4CB9-898C-120EE826D723}] => (Allow) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{CFCE9CF9-5C96-414D-BC51-F2DA5199F54E}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
FirewallRules: [{D76DF6E4-E186-4FDB-BC40-512054C83168}] => (Block) C:\Program Files (x86)\Overwolf\0.180.0.6\OverwolfBrowser.exe => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [] => [X]
HKU\S-1-5-20\...\Run: [] => [X]
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
Task: {1B8DA55F-A5A7-47ED-806B-B9262D21A383} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {3F0BB5CC-070F-44BA-8BF0-715268CCA792} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
U4 npcap_wifi; no ImagePath
C:\Users\Draeg\AppData\Local\Yandex
C:\DumpStack.log.tmp
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2893592886-4133754699-2489620301-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3334B8D4-2A96-4403-99D3-B71758C6846C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C0BC41B-0C8F-44C6-A0F7-2E965ABAEC29}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E3162C5-FB3B-45E7-AAAE-B99BBBFA3A63}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5EC2341-7ED7-4F7E-8555-79B95634CB49}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47E25583-68A0-4111-BB48-6F39AD17B137}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFEC4CE0-8B9E-409B-8622-914211F82434}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99C490BB-AA39-4CA9-8ED6-450BDB66A588}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{682F572A-EFA7-4090-A033-78E564E49883}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{203FFD7D-98EB-424C-8828-5DE9D117A253}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6663BC8-10E9-4CB9-898C-120EE826D723}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CFCE9CF9-5C96-414D-BC51-F2DA5199F54E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D76DF6E4-E186-4FDB-BC40-512054C83168}" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-2893592886-4133754699-2489620301-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B8DA55F-A5A7-47ED-806B-B9262D21A383}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B8DA55F-A5A7-47ED-806B-B9262D21A383}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F0BB5CC-070F-44BA-8BF0-715268CCA792}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F0BB5CC-070F-44BA-8BF0-715268CCA792}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\System\CurrentControlSet\Services\npcap_wifi => removed successfully
npcap_wifi => service removed successfully
C:\Users\Draeg\AppData\Local\Yandex => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 584871552 B
Java, Flash, Steam htmlcache => 317584937 B
Windows/system/drivers => 8571769 B
Edge => 0 B
Chrome => 3368841441 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 249984 B
NetworkService => 259002 B
Draeg => 53979746 B

RecycleBin => 2174 B
EmptyTemp: => 4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 26-10-2021 16:27:20)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 16:27:20 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have a feeling there's something in my computer, most likely malware, logs in the post

#8 Post by Rudy »

Deleted, the log should be OK now.

lemonak
Visitor
Posts: 6
Registered: 26 Oct 2021 09:11

Re: I have a feeling there's something in my computer, most likely malware, logs in the post

#9 Post by lemonak »

Thank you very much for the advice.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have a feeling there's something in my computer, most likely malware, logs in the post

#10 Post by Rudy »

You're welcome! :)