Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

probliknutí CMD po spuštení

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
pepe24
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 16 dub 2018 14:42

probliknutí CMD po spuštení

#1 Příspěvek od pepe24 »

Zdravím,
prosím o kontrolu.


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.10421.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe <2>
(Opera Software AS -> Opera Software) C:\Users\breaker\AppData\Local\Programs\Opera\80.0.4170.72\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\breaker\AppData\Local\Programs\Opera\opera.exe <26>
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>
Failed to access process -> nvstreamsvc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1570672 2015-05-10] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2254152 2020-08-05] (voidtools -> voidtools)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-30] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [134936 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\Run: [Opera Browser Assistant] => C:\Users\breaker\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\HPZPP4wm: C:\Windows\System32\spool\prtprocs\x64\hpzpp4wm.DLL [231424 2007-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [100352 2007-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B511 Status Monitor: C:\Windows\system32\hpinkstsB511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-28] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\Installer\chrmstp.exe [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5DD41640-95CC-45CD-A8C5-D8285A3DAAC3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-11-04] (Avast Software s.r.o. -> Avast Software)
Task: {77433210-6C78-4417-A162-3AA1DA6BD5E3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7138aa8a4db57" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-1002" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-500" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1595468730" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1595468726" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {7E53596C-B6BA-473F-8B33-2A0B69CDBDA8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {9E9285BE-3329-46F7-B798-00BCAC3345A7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4974872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {B8A60FED-FD28-4ECE-A265-6857889870E7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {C10895F5-DCE7-456B-AD78-E385E2132E34} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {CF965ADA-8AF3-4D80-A48C-8238BB546269} - System32\Tasks\Opera scheduled assistant Autoupdate 1595468730 => C:\Users\breaker\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-27] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\breaker\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D1EF7D34-C3DE-411E-B60B-FF66E82F0614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {DD7FF5B0-5F42-4F05-B899-A3BFCAEAE1D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {F2996DC1-C756-4E7F-93A3-FF8F2411B748} - System32\Tasks\Opera scheduled Autoupdate 1595468726 => C:\Users\breaker\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-27] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{08a74099-0c38-465c-ae5f-467a8db6c609}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2d35039b-3182-40e3-9979-fa0c643132b2}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ec9e7eac-d502-40ea-8d46-c858a426d5bd}: [NameServer] 217.77.165.81,217.77.165.211

Edge:
=======
DownloadDir: C:\Users\breaker\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\breaker\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-03]
Edge DownloadDir: Default -> C:\Users\breaker\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default [2021-11-11]
CHR Extension: (Prezentace) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-11]
CHR Extension: (Dokumenty) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-11]
CHR Extension: (Disk Google) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-11]
CHR Extension: (Tabulky) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-27]
CHR Extension: (Gmail) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-12]
CHR Profile: C:\Users\breaker\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-13]

Opera:
=======
OPR Profile: C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable [2021-11-11]
OPR Notifications: Opera Stable -> hxxps://livesport24.host; hxxps://meet.google.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (AdBlock) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2020-07-24]
OPR Extension: (AdBlocker for YouTube™) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2021-03-24]
OPR Extension: (Translator) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-23]
OPR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2021-06-10]
OPR Extension: (Rich Hints Agent) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-03]
OPR Extension: (Auto Pause|Stop for YouTube™) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\iifjklcolgimnhlpdddbfompohhijlgp [2021-01-04]
OPR Extension: (AdBlocker for YouTube™ Video) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipcgdillgbfknnenicobgblljfabdedh [2020-09-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-10-01]
OPR Extension: (YouTube Audio Equalizer and Amplifier) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhjoogdmejmkjgnbolcjmoadobaacfm [2021-07-31]
OPR Extension: (Audio Equalizer and Amplifier) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\piemmaochhnhfpjkoabfpkglbdchfcge [2021-07-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8376400 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [680728 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1700632 2021-11-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [427800 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\elevation_service.exe [1713640 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe [72536 2021-08-30] (Google LLC -> Google LLC)
R2 Everything; C:\Program Files\Everything\Everything.exe [2254152 2020-08-05] (voidtools -> voidtools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [62464 2006-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-06-20] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5414976 2021-10-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35704 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222112 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [372232 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538976 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852216 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557648 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214384 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2021-11-10] (Avast Software s.r.o. -> AVAST Software)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
R4 ETD; \SystemRoot\system32\DRIVERS\ETD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-11 17:17 - 2021-11-11 17:18 - 000024140 _____ C:\Users\breaker\Desktop\FRST.txt
2021-11-11 17:10 - 2021-11-11 17:09 - 002312192 _____ (Farbar) C:\Users\breaker\Desktop\RSITx64.exe
2021-11-11 17:06 - 2021-11-11 17:06 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-11-11 17:00 - 2021-11-11 17:16 - 000000000 ____D C:\Users\breaker\Desktop\BEATZ
2021-11-11 16:59 - 2021-11-11 17:09 - 002312192 _____ (Farbar) C:\Users\breaker\Downloads\RSITx64.exe
2021-11-11 16:56 - 2021-11-11 16:56 - 000000000 ___HD C:\$WinREAgent
2021-11-04 18:14 - 2021-11-04 18:14 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-11-04 18:14 - 2021-11-04 18:14 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-11-04 18:14 - 2021-11-04 18:14 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-11-04 18:14 - 2021-11-04 18:14 - 000002539 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-11-04 18:13 - 2021-11-04 18:13 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-11-04 18:13 - 2021-11-04 18:13 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-11-04 18:13 - 2021-11-04 18:13 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-11-04 18:12 - 2021-11-04 18:14 - 000000000 ____D C:\Users\breaker\AppData\Local\Avast Software
2021-11-04 18:11 - 2021-11-04 18:11 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-11-04 18:11 - 2021-11-04 18:11 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-11-04 18:11 - 2021-11-04 18:11 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Avast Software
2021-11-04 18:05 - 2021-11-10 21:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-11-04 18:04 - 2021-11-11 16:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-11-04 18:04 - 2021-11-10 21:51 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000852216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000557648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000538976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000372232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-11-04 18:04 - 2021-11-04 18:04 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000222112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000214384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000035704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-11-04 17:58 - 2021-11-04 17:58 - 000000000 ____D C:\Program Files\Avast Software
2021-11-04 17:57 - 2021-11-11 16:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-11-04 17:57 - 2021-11-04 17:57 - 000234272 _____ (AVAST Software) C:\Users\breaker\Downloads\avast_free_antivirus_setup_online.exe
2021-11-04 14:24 - 2021-11-04 14:24 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-04 14:24 - 2021-11-04 14:24 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 19:44 - 2021-11-03 19:44 - 000000000 ____D C:\Users\breaker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5
2021-11-03 19:08 - 2021-11-03 19:08 - 000065469 _____ C:\Users\breaker\Downloads\ŽIVOTOPIS.docx.pdf
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 -jen backy 24,10 acapella.wav
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 hotovo s backama nový 24,10 -komplet.wav
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 hotovo bez backů nový 24,10.wav
2021-10-29 10:33 - 2021-10-29 10:33 - 039932632 _____ C:\Users\breaker\Downloads\&#039;Dreaming About You&#039; Smooth Laid Back HipHop Instrumental - Blunted Beatz.wav
2021-10-13 21:30 - 2021-10-13 21:39 - 580076078 _____ C:\Users\breaker\Downloads\Squid.Game.S01E09.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 21:29 - 2021-10-13 21:36 - 368649636 _____ C:\Users\breaker\Downloads\Squid.Game.S01E08.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 21:28 - 2021-10-13 21:39 - 714677701 _____ C:\Users\breaker\Downloads\Squid.Game.S01E07.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 11:24 - 2021-10-13 11:24 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-10-13 11:24 - 2021-10-13 11:24 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-10-13 11:24 - 2021-10-13 11:24 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-13 11:23 - 2021-10-13 11:23 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-11 17:18 - 2020-07-23 07:58 - 000000000 ____D C:\FRST
2021-11-11 17:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-11 17:13 - 2020-10-11 05:04 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-11 17:12 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-11 17:07 - 2021-02-11 18:11 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Wargaming.net
2021-11-11 17:07 - 2020-08-15 00:44 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NoteBurner
2021-11-11 17:07 - 2020-08-15 00:44 - 000000000 ____D C:\Program Files (x86)\NoteBurner
2021-11-11 17:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-11 16:56 - 2021-03-08 05:25 - 000718008 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-11 16:56 - 2021-03-08 05:25 - 000145170 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-11 16:56 - 2021-03-07 20:52 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-11 16:56 - 2020-07-27 23:50 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-11 16:56 - 2020-07-27 23:50 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-11 16:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-11 16:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-11 16:52 - 2020-07-23 03:00 - 000000000 __SHD C:\Users\breaker\IntelGraphicsProfiles
2021-11-11 16:48 - 2021-04-26 07:51 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7138aa8a4db57
2021-11-11 16:48 - 2021-03-07 20:49 - 000003784 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1595468730
2021-11-11 16:48 - 2021-03-07 20:49 - 000003526 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1595468726
2021-11-11 16:48 - 2021-03-07 20:49 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-11 16:48 - 2021-03-07 20:49 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-11 16:48 - 2021-03-07 20:49 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-11 16:48 - 2021-03-07 20:49 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-11 16:48 - 2021-03-07 20:49 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-1002
2021-11-11 16:48 - 2021-03-07 20:49 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-500
2021-11-11 16:48 - 2021-03-07 20:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-11 16:48 - 2021-03-07 20:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-11 16:48 - 2020-07-23 02:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-11 01:09 - 2020-09-02 00:59 - 000000000 ____D C:\Users\breaker\AppData\Local\Everything
2021-11-11 01:09 - 2020-09-01 22:42 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Everything
2021-11-11 01:09 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-10 22:55 - 2021-03-07 20:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-09 02:13 - 2021-03-07 20:43 - 000000000 ____D C:\Users\breaker
2021-11-06 13:05 - 2020-07-23 01:49 - 000000000 ____D C:\Users\breaker\AppData\Local\Packages
2021-11-06 13:04 - 2020-07-23 02:36 - 000000000 ____D C:\Users\breaker\AppData\Local\PlaceholderTileLogoFolder
2021-11-06 04:55 - 2021-03-07 20:43 - 000002387 _____ C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:04 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-04 14:35 - 2019-11-16 00:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-03 21:34 - 2020-07-25 18:17 - 000000000 ____D C:\Users\breaker\AppData\Roaming\qBittorrent
2021-10-28 22:41 - 2020-10-11 05:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-28 22:41 - 2020-10-11 05:07 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-28 03:08 - 2020-09-12 19:19 - 000000000 ____D C:\Users\breaker\AppData\Roaming\vlc
2021-10-28 03:06 - 2020-07-23 02:45 - 000001415 _____ C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-10-13 11:44 - 2021-03-07 20:42 - 000552656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-13 11:44 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-13 11:17 - 2020-07-23 03:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-13 11:15 - 2020-07-23 03:17 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-13 08:50 - 2020-08-24 16:48 - 000000000 ____D C:\Users\breaker\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2020-08-06 19:21 - 2020-05-12 22:18 - 077719552 _____ (Serato) C:\Users\breaker\AppData\Local\Serato DJ Pro.exe
2020-08-06 19:21 - 2020-05-12 22:18 - 006314496 _____ (Serato) C:\Users\breaker\AppData\Local\SeratoVideo.exe
2020-08-06 19:21 - 2020-05-12 22:54 - 000000429 _____ () C:\Users\breaker\AppData\Local\_ReadMe.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2021
Ran by breaker (11-11-2021 17:19:44)
Running from C:\Users\breaker\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1288 (X64) (2021-03-07 19:49:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3720380324-1310689710-1488900297-500 - Administrator - Disabled)
breaker (S-1-5-21-3720380324-1310689710-1488900297-1002 - Administrator - Enabled) => C:\Users\breaker
DefaultAccount (S-1-5-21-3720380324-1310689710-1488900297-503 - Limited - Disabled)
Guest (S-1-5-21-3720380324-1310689710-1488900297-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3720380324-1310689710-1488900297-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Music Studio 10.0 (HKLM-x32\...\{A8016D8F-6838-11E3-8FB5-F04DA23A5C58}) (Version: 10.0.99 - Sony)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.9.2494 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 95.0.12827.70 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
balenaEtcher 1.5.120 (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.120 - Balena Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Everything 1.4.1.988 (x64) (HKLM\...\Everything) (Version: 1.4.1.988 - David Carpenter)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Chrome Remote Desktop Host (HKLM-x32\...\{1180A2CA-8F3D-4AD0-A1EF-1ED38327C683}) (Version: 94.0.4606.27 - Google LLC)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
iTunes (HKLM\...\{24F63AF4-683F-4952-A586-7FFB990F7A14}) (Version: 12.10.11.2 - Apple Inc.)
Lexicon Lambda Driver (HKLM-x32\...\Lexicon Lambda Driver) (Version: 2.7 - Lexicon)
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (HKLM\...\{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium Update (HKLM\...\{FA7FF0B9-7F88-4C02-AA4A-B500467EDAF1}) (Version: 20.0.4.49 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (HKLM\...\{47950763-DE1D-4C64-BEDE-D579CA9688CB}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24516 (HKLM\...\{6B66663C-055F-3A2E-A09D-168840A82362}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24516 (HKLM\...\{EE6E34BF-D825-384C-AFF5-305DF5CFAF5A}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24516 (HKLM-x32\...\{B4EB15A2-6582-346E-8501-B6E907F23B80}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24516 (HKLM-x32\...\{7B82F823-A226-3463-B438-AF4DDDE2B810}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Opera Stable 80.0.4170.72 (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\Opera 80.0.4170.72) (Version: 80.0.4170.72 - Opera Software)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
rekordbox 6.0.4 64bit (HKLM\...\Pioneer rekordbox 6.0.4) (Version: 6.0.4.0001 - AlphaTheta)
Remote Mouse version 3.012 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.012 - Remote Mouse)
Serato DJ Pro (HKLM\...\{1385396C-5CC0-4FCC-8496-DD4C328EC2D7}) (Version: 2.3.5.644 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{63607775-1fed-4dfc-8a10-a01c80e22e99}) (Version: 2.3.5.644 - Serato Limited)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
SynthMaster One (HKLM\...\{06630CE5-6BCE-4FE9-AF2F-EBECBDC0E562}_is1) (Version: 1.3.4 - KV331 Audio & Team V.R)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Worms: Armageddon (HKLM-x32\...\1462173886_is1) (Version: gog-3.8.1 - GOG.com)
Základní software zařízení HP Deskjet 1010 series (HKLM\...\{E0F44953-3A96-4087-8C1F-0966A8DA58FB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_13.0.10.0_x86__m9bz608c1b9ra [2021-07-29] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-10] (Microsoft Corporation)
Fishdom -> C:\Program Files\WindowsApps\PLRWorldwideSales.FishdomPlayrix_6.0.2.0_x64__1feq88045d2v2 [2021-10-14] (Playrix)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-02] (Microsoft Studios) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.501.362.0_x86__55nm5eh3cm0pr [2021-10-29] (ROBLOX Corporation)
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2021-11-06] (Vodafone Group Services)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\breaker\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2020-07-23 02:29 - 2015-05-10 22:12 - 001847600 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2020-09-04 01:58 - 2019-04-19 16:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-11-12 01:59 - 2020-11-12 01:59 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{BA76DBC0-FF47-4C5A-A563-E89C94266E68}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{A0BB0218-BB54-4963-B33C-246E5AE8B556}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{1D43EEC8-8AB6-47BE-B794-F9C5F6BF0E41}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{6C077D38-D9B9-4E9B-B5E3-85A047236B5F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{F6F6DACF-34B2-4586-9BE1-0F2BC13B2FB8}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{F5F51E17-3158-46F9-A57B-7FB42EF8E16B}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{D86CFB3E-2711-4958-BFF3-A0288A9FD1D4}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{08E43C4E-2292-44CB-8B62-0781F868A4FC}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{36C76E4A-3BEA-4B54-8884-061C038B32A8}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{F48A4ED3-FA00-4A0D-80B4-650118447C46}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{75C9D0CC-69F2-4576-9582-5E287B006E94}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{331C441A-EED8-4229-85A3-6504FF015FA0}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{0C3ADD07-8794-4A9A-88DF-BE3E78D8D44C}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{639140DF-2C34-4482-A2A3-7A913A3EA56C}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{3C25A652-4509-40D1-94EB-DE85AF9501F5}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{4FB93205-2394-4DF4-9BA5-B000604A2318}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{1F24942F-7428-45FF-9D73-DDA5C158932E}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{6B4B0E33-666C-4CEE-A001-6BF3E2ED7505}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{611C78A6-2685-4CC5-B967-EC04C4364525}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{565F75FD-F46E-4584-A383-65EE6248D5E6}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{CAF4B52D-CCC7-43C6-A33A-68891D29DBC7}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{372721BB-08FB-4C12-8C26-E1820969234B}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{A6CF546A-F802-4031-8ABB-E6A7F508566B}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{CCB8B022-7E66-40A2-94CE-DF6EB1A5B2E8}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{76063F6A-2F4B-4653-B237-929E0A8E8616}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{9320B8C8-0D82-4BED-B5FF-336F7220512E}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{61017C21-83C2-49B2-9A15-4070DB5B7D28}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{5753650B-0486-42D3-9862-8D90421D9C21}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{EF09E132-4022-43E5-8CAD-85AE4C54116B}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{02EEA0F8-07D4-4514-865E-D3B784FC6567}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [{2A27D970-0BD7-43DE-8E80-386FDAAD9B28}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{A59360AE-5F8C-4ED1-9445-4444618EFF28}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{0B8F4D25-CCD5-41A1-86DB-FC72AC54B6C2}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{1D979186-7D16-46C6-8CC0-5CD6C9C2C98D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D5658D1A-3F9D-4EA1-9D6B-9827FFE2D5CC}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{ADF858E8-4374-43B0-9557-BFCF0FAF8537}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [{8E26BC2F-52FC-4DDC-8A30-3A36D5460015}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{01AC0DE0-1FA6-4ECE-A315-B5DD4046FF63}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rbHttpServer.exe (AlphaTheta Corporation -> )
FirewallRules: [{5F44FF24-8A71-4475-8027-1FFBC822A5BE}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\ls-unity-rekordbox-win-64bit.exe (AlphaTheta Corporation -> )
FirewallRules: [{15617D38-F245-40FA-96E7-2F2BF5694275}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\edb_streamd.exe (AlphaTheta Corporation -> )
FirewallRules: [{7FE542D8-F828-4205-93F4-97E2BB1310FE}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\psvlinksysmgr.exe (AlphaTheta Corporation -> AlphaTheta Corporation.)
FirewallRules: [{79516EAA-8127-4168-8B49-0E2F93A891D0}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\psvnfsd.exe (AlphaTheta Corporation -> AlphaTheta Corporation.)
FirewallRules: [{CD55739B-34BD-492F-87C6-939252EA4876}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [UDP Query User{4A54E030-F3ED-42B4-A9EF-48BB68BBB507}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [TCP Query User{5B5A4663-98A9-4E48-9F27-108E3E7C697D}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{F3C2E6C8-CCF7-4433-ADAB-CA9D48D54D58}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{98C10FC1-F784-4FFC-A2F6-EE535C9A261B}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{5938F8BD-E41F-4DFF-882F-C992CC1D8D79}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{E57424FE-C333-44F8-A63B-9B82C338879F}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{33642081-EF61-48A8-9D60-B0146D45483D}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{4A7E2CD5-4560-4CCC-A7BA-436FD536DBFE}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{E348EAE0-AD15-46E9-AD02-727EDB070DB7}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{8D6B8BEA-006E-4792-AB0D-7BBDD9A119D3}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{333B0888-C62C-460F-8F81-4A1F249E147F}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{2C9AC83F-1791-45B9-AAEB-600FBE0117C1}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{C6587BA7-4C52-4D48-8C1A-8BBC7ECC1318}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{00F60EBB-E05A-40D5-B12F-03C2D771241A}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{05AF10F0-9249-44C3-B535-69F264A54389}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{0A0E8D8A-CA99-4A47-BD41-75FC93962C97}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{124A0635-57DA-4EE6-A6F0-7758C2828C23}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [UDP Query User{09ACD6C3-1073-4EC6-A376-6C9985AAC168}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [TCP Query User{A380BF8B-3718-4308-A837-C4F7558E9369}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{FA3A8D2E-B950-43DC-A938-2D084A290E98}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [TCP Query User{2BB3E5C8-D22C-4B3F-A599-3A14135523CE}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F26823D5-164F-4CDF-9C09-75B6FA802BB8}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{132F2A16-732E-4836-A6A1-70DF7F7D886E}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{0780AD99-CE52-41E7-B8D4-3CC70BB520ED}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{447BAC40-B08F-493C-8FC7-C26D3409743E}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{A5EDEEB6-EB2F-426B-93C7-E1DD83BA39B1}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{93CBEF58-B2D6-41ED-99E4-136744F61D19}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe (Serato) [File not signed]
FirewallRules: [UDP Query User{931290A0-D500-4F26-B356-066223DA0D52}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe (Serato) [File not signed]
FirewallRules: [{B699DC9E-D63C-435E-BAF5-6C9A6FE16078}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{32664722-5655-452E-B168-BBCE1A53EF8A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A8EF778D-7CE7-421E-93D6-C737FD109810}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A36CBF9F-BF47-42B8-82BF-7E55616D725D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{156B998F-E27A-45CC-AB16-2FF51901C8C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F788EF34-CC3E-4C3A-9064-ACC393DA5E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{73E24AB8-BF31-456D-A862-05AB083FE132}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{495BFA92-FEBD-4908-A0E0-9914A3619309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{D3FFC166-60FA-42D7-BAF8-E8E5038F68A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{7B625DBE-D1F2-40D2-A302-C42BA979E290}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8BBEE8DC-A5B2-4578-89EB-8931193EFE1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F1A4D18-32D8-468C-8542-D7AF8C3EB354}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{357AC3C2-DC34-4BC2-A104-B2C575514D22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{42FA8E4E-B2D9-46F7-A623-119CEFC94596}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4071E993-11D1-4018-8A9E-BFACEC840D3B}C:\users\breaker\appdata\local\programs\opera\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{ACE55ADF-534D-4904-9083-0342FA70CEB6}C:\users\breaker\appdata\local\programs\opera\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A089311C-3373-4959-B756-BF01294E48FE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{04D1456F-5E54-4EE4-8437-A81CAFDC339F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E778B368-6F74-4D52-ADE7-59247270F464}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E912DEBD-606A-418C-AC2F-915EAD9CCA17}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9698C42C-3B46-4B34-814C-995F23DD383E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0326C0BD-9379-427A-94C7-6798CD23BD04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D21C7FC7-5C69-41A2-AD23-32D8A04D3F03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2B8D5BA-D3CF-4A50-B7BA-3ED0208AD1DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

23-10-2021 00:12:09 Scheduled Checkpoint
31-10-2021 00:08:43 Scheduled Checkpoint
09-11-2021 00:36:19 Scheduled Checkpoint
11-11-2021 17:05:55 Removed Firebird SQL Server - MAGIX Edition

==================== Faulty Device Manager Devices ============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/11/2021 05:21:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x1504
Čas spuštění chybující aplikace: 0x01d7d7181f0cf8fd
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 313d5bde-7a90-40bf-947c-dba378d15e0f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:21:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x1524
Čas spuštění chybující aplikace: 0x01d7d7181dde0f44
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 8e08edb7-94bf-457c-a5e6-a95fb7a9334e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x112c
Čas spuštění chybující aplikace: 0x01d7d7181c76afa9
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 53638732-bc1c-424c-b91d-046868eb29fb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x33f8
Čas spuštění chybující aplikace: 0x01d7d7181b3ab250
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 1978f38c-2144-4df1-9f7d-98365834d8d8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x670
Čas spuštění chybující aplikace: 0x01d7d7181a0a5bcf
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 61014c2d-f0f8-4ebd-800f-d05825a52e6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x14e8
Čas spuštění chybující aplikace: 0x01d7d71818a8ec26
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: d5ee1f71-668e-4833-a748-f79e4660e8b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x2048
Čas spuštění chybující aplikace: 0x01d7d718177223c5
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: b702626c-855c-41d3-815d-2bfe7b1bae91
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 05:20:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x9e8
Čas spuštění chybující aplikace: 0x01d7d718163c0fd7
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 44b6e26c-3fe2-4d5b-99a2-dad8d0689bd7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/11/2021 04:52:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_eaa57 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (11/11/2021 04:48:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SystemServices neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/11/2021 04:48:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby SystemServices bylo dosaženo časového limitu (45000 ms).

Error: (11/10/2021 09:44:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_5435a byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (11/10/2021 09:44:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SystemServices neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/10/2021 09:44:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby SystemServices bylo dosaženo časového limitu (45000 ms).

Error: (11/10/2021 09:43:53 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Soubor s výpisem paměti se nepodařilo vytvořit kvůli chybě při vytváření výpisu paměti.

Error: (11/10/2021 09:43:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:33:10 PM, ‎11/‎10/‎2021) bylo neočekávané.


Windows Defender:
================
Date: 2021-10-31 01:07:39
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {5083C281-FA33-4E85-AE3B-B73619B1B31A}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 11:07:50
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {A777A374-9C1A-451B-80FC-9E644A4AAF54}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 05:36:27
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {12392BAA-792E-49F2-BF46-47ABA227A6E2}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-24 11:08:42
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {F653358C-FAB1-4A6A-9430-259DDE75B200}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-20 22:43:12
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {685482C4-59CB-4005-BCA0-DD8CFA60A4D4}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-10-13 12:55:57
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.351.314.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18600.4
Kód chyby: 0x8024402c
Popis chyby: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-10-08 18:51:58
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.2139.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2021-10-08 18:51:58
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.2139.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2021-11-11 17:19:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-11-11 17:18:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2021-11-11 17:16:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Acer V2.04 09/14/2012
Motherboard: Acer VA50_HC_CR
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 57%
Total physical RAM: 8007.27 MB
Available physical RAM: 3394.28 MB
Total Virtual: 9287.27 MB
Available Virtual: 3897.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.31 GB) (Free:55.35 GB) NTFS

\\?\Volume{f11093b7-317a-4e7d-b933-8e43568b092f}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{508be2aa-09d5-40cd-ae47-1cf711bf39b5}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{7017df86-e6b8-47c7-be17-df433fb4af4f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 489 GB) (Disk ID: 000A6DCF)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: probliknutí CMD po spuštení

#2 Příspěvek od Rudy »

Zdravím!
Probliknutí cmd nemusí znamenat přítomnost nějakého malwaru. Některé aplikace to dělají. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
pepe24
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 16 dub 2018 14:42

Re: probliknutí CMD po spuštení

#3 Příspěvek od pepe24 »

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-11-2021
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\UNINSTALL NEXUS

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Trymedia Systems

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1608 octets] - [11/11/2021 20:42:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: probliknutí CMD po spuštení

#4 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
pepe24
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 16 dub 2018 14:42

Re: probliknutí CMD po spuštení

#5 Příspěvek od pepe24 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
Ran by breaker (administrator) on DESKTOP-ESDCBP6 (Acer Aspire V3-571G) (11-11-2021 21:34:54)
Running from C:\Users\breaker\Desktop
Loaded Profiles: breaker
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.10421.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Opera Software AS -> Opera Software) C:\Users\breaker\AppData\Local\Programs\Opera\80.0.4170.72\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Users\breaker\AppData\Local\Programs\Opera\opera.exe <20>
(remotemouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(RemoteMouse.net) [File not signed] C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-10] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1570672 2015-05-10] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2254152 2020-08-05] (voidtools -> voidtools)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-30] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [134936 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [105280 2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\Run: [Opera Browser Assistant] => C:\Users\breaker\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\HPZPP4wm: C:\Windows\System32\spool\prtprocs\x64\hpzpp4wm.DLL [231424 2007-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [100352 2007-05-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B511 Status Monitor: C:\Windows\system32\hpinkstsB511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-28] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\Installer\chrmstp.exe [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5DD41640-95CC-45CD-A8C5-D8285A3DAAC3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-11-04] (Avast Software s.r.o. -> Avast Software)
Task: {77433210-6C78-4417-A162-3AA1DA6BD5E3} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d7138aa8a4db57" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-1002" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-500" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\Opera scheduled assistant Autoupdate 1595468730" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1595468726" /ENABLE
Task: {780DEAC2-F277-489F-858F-60892D649BDF} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {7E53596C-B6BA-473F-8B33-2A0B69CDBDA8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {9E9285BE-3329-46F7-B798-00BCAC3345A7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4974872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {B8A60FED-FD28-4ECE-A265-6857889870E7} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2495608 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {C10895F5-DCE7-456B-AD78-E385E2132E34} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
Task: {CF965ADA-8AF3-4D80-A48C-8238BB546269} - System32\Tasks\Opera scheduled assistant Autoupdate 1595468730 => C:\Users\breaker\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-27] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\breaker\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D1EF7D34-C3DE-411E-B60B-FF66E82F0614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {DD7FF5B0-5F42-4F05-B899-A3BFCAEAE1D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {F2996DC1-C756-4E7F-93A3-FF8F2411B748} - System32\Tasks\Opera scheduled Autoupdate 1595468726 => C:\Users\breaker\AppData\Local\Programs\Opera\launcher.exe [46227664 2021-10-27] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{08a74099-0c38-465c-ae5f-467a8db6c609}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{2d35039b-3182-40e3-9979-fa0c643132b2}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ec9e7eac-d502-40ea-8d46-c858a426d5bd}: [NameServer] 217.77.165.81,217.77.165.211

Edge:
=======
DownloadDir: C:\Users\breaker\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\breaker\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-03]
Edge DownloadDir: Default -> C:\Users\breaker\Downloads

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1189.1\npAvastBrowserUpdate3.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default [2021-11-11]
CHR Extension: (Prezentace) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-11]
CHR Extension: (Dokumenty) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-11]
CHR Extension: (Disk Google) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-11]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-11]
CHR Extension: (Tabulky) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-27]
CHR Extension: (Chrome Remote Desktop) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2020-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-27]
CHR Extension: (Gmail) - C:\Users\breaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-12]
CHR Profile: C:\Users\breaker\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-13]

Opera:
=======
OPR Profile: C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable [2021-11-11]
OPR Notifications: Opera Stable -> hxxps://livesport24.host; hxxps://meet.google.com; hxxps://www.instagram.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (AdBlock) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2020-07-24]
OPR Extension: (AdBlocker for YouTube™) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2021-03-24]
OPR Extension: (Translator) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2021-08-23]
OPR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekmmelpnmfdegjhnmadddcfjcahpajnm [2021-06-10]
OPR Extension: (Rich Hints Agent) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-03]
OPR Extension: (Auto Pause|Stop for YouTube™) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\iifjklcolgimnhlpdddbfompohhijlgp [2021-01-04]
OPR Extension: (AdBlocker for YouTube™ Video) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ipcgdillgbfknnenicobgblljfabdedh [2020-09-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-14]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2021-10-01]
OPR Extension: (YouTube Audio Equalizer and Amplifier) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhjoogdmejmkjgnbolcjmoadobaacfm [2021-07-31]
OPR Extension: (Audio Equalizer and Amplifier) - C:\Users\breaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\piemmaochhnhfpjkoabfpkglbdchfcge [2021-07-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8376400 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [680728 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1700632 2021-11-10] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [427800 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [193872 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\elevation_service.exe [1713640 2021-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe [72536 2021-08-30] (Google LLC -> Google LLC)
R2 Everything; C:\Program Files\Everything\Everything.exe [2254152 2020-08-05] (voidtools -> voidtools)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [62464 2006-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [11264 2020-06-20] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35704 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [222112 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [372232 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99344 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41344 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538976 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [852216 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557648 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214384 2021-11-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2021-11-10] (Avast Software s.r.o. -> AVAST Software)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48520 2021-11-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435424 2021-11-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-11 21:34 - 2021-11-11 21:35 - 000024304 _____ C:\Users\breaker\Desktop\FRST.txt
2021-11-11 21:26 - 2021-11-11 21:36 - 117018289 _____ C:\Users\breaker\Downloads\Duše - 2020.1080p.BluRay.CZ.dabing.mkv (1).opdownload
2021-11-11 20:41 - 2021-11-11 20:42 - 000000000 ____D C:\AdwCleaner
2021-11-11 20:40 - 2021-11-11 20:40 - 008553680 _____ (Malwarebytes) C:\Users\breaker\Desktop\adwcleaner_8.3.0.exe
2021-11-11 20:37 - 2021-11-11 20:37 - 000001359 _____ C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-11 20:37 - 2021-11-11 20:37 - 000000000 ____D C:\Users\breaker\AppData\Local\PCHealthCheck
2021-11-11 20:36 - 2021-11-11 20:36 - 014233600 _____ C:\Users\breaker\Downloads\WindowsPCHealthCheckSetup.msi
2021-11-11 18:57 - 2021-11-11 18:57 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-11 18:57 - 2021-11-11 18:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-11 18:57 - 2021-11-11 18:57 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-11 18:56 - 2021-11-11 18:56 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-11 18:46 - 2021-11-11 18:46 - 000000000 ___HD C:\$WinREAgent
2021-11-11 17:33 - 2021-11-11 19:56 - 1514258432 _____ C:\Users\breaker\Downloads\Duše - 2020.1080p.BluRay.CZ.dabing.mkv.opdownload
2021-11-11 17:10 - 2021-11-11 17:09 - 002312192 _____ (Farbar) C:\Users\breaker\Desktop\RSITx64.exe
2021-11-11 17:06 - 2021-11-11 17:06 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-11-11 17:00 - 2021-11-11 17:16 - 000000000 ____D C:\Users\breaker\Desktop\BEATZ
2021-11-11 16:59 - 2021-11-11 17:09 - 002312192 _____ (Farbar) C:\Users\breaker\Downloads\RSITx64.exe
2021-11-04 18:14 - 2021-11-04 18:14 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-11-04 18:14 - 2021-11-04 18:14 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-11-04 18:14 - 2021-11-04 18:14 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-11-04 18:14 - 2021-11-04 18:14 - 000002539 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-11-04 18:13 - 2021-11-04 18:13 - 000003510 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-11-04 18:13 - 2021-11-04 18:13 - 000003386 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-11-04 18:13 - 2021-11-04 18:13 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-11-04 18:12 - 2021-11-04 18:14 - 000000000 ____D C:\Users\breaker\AppData\Local\Avast Software
2021-11-04 18:11 - 2021-11-04 18:11 - 000002164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-11-04 18:11 - 2021-11-04 18:11 - 000002152 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-11-04 18:11 - 2021-11-04 18:11 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Avast Software
2021-11-04 18:05 - 2021-11-10 21:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-11-04 18:04 - 2021-11-11 20:52 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-11-04 18:04 - 2021-11-10 21:51 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000852216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000557648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000538976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000372232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-11-04 18:04 - 2021-11-04 18:04 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000222112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000214384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000107848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000099344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000041344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000035704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-11-04 18:04 - 2021-11-04 18:04 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-11-04 17:58 - 2021-11-04 17:58 - 000000000 ____D C:\Program Files\Avast Software
2021-11-04 17:57 - 2021-11-11 20:49 - 000000000 ____D C:\ProgramData\Avast Software
2021-11-04 17:57 - 2021-11-04 17:57 - 000234272 _____ (AVAST Software) C:\Users\breaker\Downloads\avast_free_antivirus_setup_online.exe
2021-11-04 14:24 - 2021-11-04 14:24 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-04 14:24 - 2021-11-04 14:24 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-11-03 19:44 - 2021-11-03 19:44 - 000000000 ____D C:\Users\breaker\Downloads\iZotope Ozone Advanced v7.00 WiN X86 X64-d33p57a7u5
2021-11-03 19:08 - 2021-11-03 19:08 - 000065469 _____ C:\Users\breaker\Downloads\ŽIVOTOPIS.docx.pdf
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 -jen backy 24,10 acapella.wav
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 hotovo s backama nový 24,10 -komplet.wav
2021-10-29 10:33 - 2021-10-29 10:34 - 036671644 _____ C:\Users\breaker\Downloads\tak si rikam 26.9 hotovo bez backů nový 24,10.wav
2021-10-29 10:33 - 2021-10-29 10:33 - 039932632 _____ C:\Users\breaker\Downloads\&#039;Dreaming About You&#039; Smooth Laid Back HipHop Instrumental - Blunted Beatz.wav
2021-10-13 21:30 - 2021-10-13 21:39 - 580076078 _____ C:\Users\breaker\Downloads\Squid.Game.S01E09.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 21:29 - 2021-10-13 21:36 - 368649636 _____ C:\Users\breaker\Downloads\Squid.Game.S01E08.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 21:28 - 2021-10-13 21:39 - 714677701 _____ C:\Users\breaker\Downloads\Squid.Game.S01E07.1080p.HEVC.x265-MeGusta[eztv.re].mkv
2021-10-13 11:24 - 2021-10-13 11:24 - 000203264 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2021-10-13 11:24 - 2021-10-13 11:24 - 000158208 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-10-13 11:24 - 2021-10-13 11:24 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-13 11:23 - 2021-10-13 11:23 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-11 21:35 - 2020-07-23 07:58 - 000000000 ____D C:\FRST
2021-11-11 21:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-11 21:24 - 2021-03-07 20:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-11 21:08 - 2020-10-11 05:04 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-11 20:56 - 2021-03-08 05:25 - 000718008 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-11 20:56 - 2021-03-08 05:25 - 000145170 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-11 20:56 - 2021-03-07 20:52 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-11 20:56 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-11 20:50 - 2020-07-23 03:00 - 000000000 __SHD C:\Users\breaker\IntelGraphicsProfiles
2021-11-11 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-11 20:49 - 2021-03-07 20:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-11 20:49 - 2021-03-07 20:42 - 000552656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-11 20:49 - 2021-03-07 20:42 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-11 20:49 - 2020-07-23 02:28 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-11 20:49 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-11 20:48 - 2019-12-07 10:54 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-11 20:48 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-11 20:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-11 20:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-11 19:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-11 18:44 - 2020-07-23 03:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-11 18:42 - 2020-07-23 03:17 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-11 17:07 - 2021-02-11 18:11 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Wargaming.net
2021-11-11 17:07 - 2020-08-15 00:44 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NoteBurner
2021-11-11 17:07 - 2020-08-15 00:44 - 000000000 ____D C:\Program Files (x86)\NoteBurner
2021-11-11 16:56 - 2020-07-27 23:50 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-11 16:56 - 2020-07-27 23:50 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-11 16:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-11 16:48 - 2021-04-26 07:51 - 000003214 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7138aa8a4db57
2021-11-11 16:48 - 2021-03-07 20:49 - 000003784 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1595468730
2021-11-11 16:48 - 2021-03-07 20:49 - 000003526 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1595468726
2021-11-11 16:48 - 2021-03-07 20:49 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-11 16:48 - 2021-03-07 20:49 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-11-11 16:48 - 2021-03-07 20:49 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-11-11 16:48 - 2021-03-07 20:49 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-11-11 16:48 - 2021-03-07 20:49 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-1002
2021-11-11 16:48 - 2021-03-07 20:49 - 000002856 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3720380324-1310689710-1488900297-500
2021-11-11 01:09 - 2020-09-02 00:59 - 000000000 ____D C:\Users\breaker\AppData\Local\Everything
2021-11-11 01:09 - 2020-09-01 22:42 - 000000000 ____D C:\Users\breaker\AppData\Roaming\Everything
2021-11-09 02:13 - 2021-03-07 20:43 - 000000000 ____D C:\Users\breaker
2021-11-06 13:05 - 2020-07-23 01:49 - 000000000 ____D C:\Users\breaker\AppData\Local\Packages
2021-11-06 13:04 - 2020-07-23 02:36 - 000000000 ____D C:\Users\breaker\AppData\Local\PlaceholderTileLogoFolder
2021-11-06 04:55 - 2021-03-07 20:43 - 000002387 _____ C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-04 18:04 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-11-04 14:35 - 2019-11-16 00:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-03 21:34 - 2020-07-25 18:17 - 000000000 ____D C:\Users\breaker\AppData\Roaming\qBittorrent
2021-10-28 22:41 - 2020-10-11 05:07 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-28 22:41 - 2020-10-11 05:07 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-10-28 03:08 - 2020-09-12 19:19 - 000000000 ____D C:\Users\breaker\AppData\Roaming\vlc
2021-10-28 03:06 - 2020-07-23 02:45 - 000001415 _____ C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-13 11:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-13 08:50 - 2020-08-24 16:48 - 000000000 ____D C:\Users\breaker\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories ========

2020-08-06 19:21 - 2020-05-12 22:18 - 077719552 _____ (Serato) C:\Users\breaker\AppData\Local\Serato DJ Pro.exe
2020-08-06 19:21 - 2020-05-12 22:18 - 006314496 _____ (Serato) C:\Users\breaker\AppData\Local\SeratoVideo.exe
2020-08-06 19:21 - 2020-05-12 22:54 - 000000429 _____ () C:\Users\breaker\AppData\Local\_ReadMe.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2021
Ran by breaker (11-11-2021 21:36:54)
Running from C:\Users\breaker\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1348 (X64) (2021-03-07 19:49:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3720380324-1310689710-1488900297-500 - Administrator - Disabled)
breaker (S-1-5-21-3720380324-1310689710-1488900297-1002 - Administrator - Enabled) => C:\Users\breaker
DefaultAccount (S-1-5-21-3720380324-1310689710-1488900297-503 - Limited - Disabled)
Guest (S-1-5-21-3720380324-1310689710-1488900297-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3720380324-1310689710-1488900297-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Music Studio 10.0 (HKLM-x32\...\{A8016D8F-6838-11E3-8FB5-F04DA23A5C58}) (Version: 10.0.99 - Sony)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.9.2494 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 95.0.12827.70 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
balenaEtcher 1.5.120 (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\d2f3b6c7-6f49-59e2-b8a5-f72e33900c2b) (Version: 1.5.120 - Balena Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.75.1089 - AB Team, d.o.o.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Everything 1.4.1.988 (x64) (HKLM\...\Everything) (Version: 1.4.1.988 - David Carpenter)
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Chrome Remote Desktop Host (HKLM-x32\...\{1180A2CA-8F3D-4AD0-A1EF-1ED38327C683}) (Version: 94.0.4606.27 - Google LLC)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{754CC9DC-3DB4-4FB2-B71E-87331DB9EA17}) (Version: 7.5.4 - Intel Corporation)
iTunes (HKLM\...\{24F63AF4-683F-4952-A586-7FFB990F7A14}) (Version: 12.10.11.2 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lexicon Lambda Driver (HKLM-x32\...\Lexicon Lambda Driver) (Version: 2.7 - Lexicon)
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2014 Premium (HKLM\...\{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Premium (HKLM-x32\...\MX.{088A4B09-8FB2-48D0-932A-7F90BE050543}) (Version: 20.0.2.35 - MAGIX AG)
MAGIX Music Maker 2014 Premium Update (HKLM\...\{FA7FF0B9-7F88-4C02-AA4A-B500467EDAF1}) (Version: 20.0.4.49 - MAGIX AG) Hidden
MAGIX Music Maker 2014 Trial Soundpools (HKLM\...\{47950763-DE1D-4C64-BEDE-D579CA9688CB}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{5C375A31-ED71-4CA0-91E0-8FA47E72D56D}) (Version: 7.0.1.27 - MAGIX AG)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.44 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\OneDriveSetup.exe) (Version: 21.205.1003.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24516 (HKLM\...\{6B66663C-055F-3A2E-A09D-168840A82362}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24516 (HKLM\...\{EE6E34BF-D825-384C-AFF5-305DF5CFAF5A}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24516 (HKLM-x32\...\{B4EB15A2-6582-346E-8501-B6E907F23B80}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24516 (HKLM-x32\...\{7B82F823-A226-3463-B438-AF4DDDE2B810}) (Version: 14.0.24516 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Opera Stable 80.0.4170.72 (HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\...\Opera 80.0.4170.72) (Version: 80.0.4170.72 - Opera Software)
qBittorrent 4.3.0.1 (HKLM-x32\...\qBittorrent) (Version: 4.3.0.1 - The qBittorrent project)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
rekordbox 6.0.4 64bit (HKLM\...\Pioneer rekordbox 6.0.4) (Version: 6.0.4.0001 - AlphaTheta)
Remote Mouse version 3.012 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.012 - Remote Mouse)
Serato DJ Pro (HKLM\...\{1385396C-5CC0-4FCC-8496-DD4C328EC2D7}) (Version: 2.3.5.644 - Serato Limited) Hidden
Serato DJ Pro (HKLM-x32\...\{63607775-1fed-4dfc-8a10-a01c80e22e99}) (Version: 2.3.5.644 - Serato Limited)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
SynthMaster One (HKLM\...\{06630CE5-6BCE-4FE9-AF2F-EBECBDC0E562}_is1) (Version: 1.3.4 - KV331 Audio & Team V.R)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.2.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Worms: Armageddon (HKLM-x32\...\1462173886_is1) (Version: gog-3.8.1 - GOG.com)
Základní software zařízení HP Deskjet 1010 series (HKLM\...\{E0F44953-3A96-4087-8C1F-0966A8DA58FB}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

Packages:
=========
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_13.0.10.0_x86__m9bz608c1b9ra [2021-07-29] (Nordcurrent)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-10] (Microsoft Corporation)
Fishdom -> C:\Program Files\WindowsApps\PLRWorldwideSales.FishdomPlayrix_6.0.2.0_x64__1feq88045d2v2 [2021-10-14] (Playrix)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-02] (Microsoft Studios) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.501.362.0_x86__55nm5eh3cm0pr [2021-10-29] (ROBLOX Corporation)
Vodafone Mobile Broadband -> C:\Program Files\WindowsApps\VodafoneGroupServices.VodafoneMobileBroadband_2.10.46.0_x64__cx08jceyq9bcp [2021-11-06] (Vodafone Group Services)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
CustomCLSID: HKU\S-1-5-21-3720380324-1310689710-1488900297-1002_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (Microsoft Windows Hardware Compatibility Publisher -> HP)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2020-02-23] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-11-04] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\breaker\Desktop\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\breaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2020-07-23 02:29 - 2015-05-10 22:12 - 001847600 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2020-09-04 01:58 - 2019-04-19 16:12 - 001391104 _____ (Remote Mouse) [File not signed] C:\Program Files (x86)\Remote Mouse\windows_api.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-11-12 01:59 - 2020-11-12 01:59 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3720380324-1310689710-1488900297-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{BA76DBC0-FF47-4C5A-A563-E89C94266E68}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{A0BB0218-BB54-4963-B33C-246E5AE8B556}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{1D43EEC8-8AB6-47BE-B794-F9C5F6BF0E41}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{6C077D38-D9B9-4E9B-B5E3-85A047236B5F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{F6F6DACF-34B2-4586-9BE1-0F2BC13B2FB8}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{F5F51E17-3158-46F9-A57B-7FB42EF8E16B}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{D86CFB3E-2711-4958-BFF3-A0288A9FD1D4}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{08E43C4E-2292-44CB-8B62-0781F868A4FC}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{36C76E4A-3BEA-4B54-8884-061C038B32A8}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{F48A4ED3-FA00-4A0D-80B4-650118447C46}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{75C9D0CC-69F2-4576-9582-5E287B006E94}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{331C441A-EED8-4229-85A3-6504FF015FA0}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [{0C3ADD07-8794-4A9A-88DF-BE3E78D8D44C}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{639140DF-2C34-4482-A2A3-7A913A3EA56C}] => (Allow) C:\Program Files\HP\HP Deskjet 1010 series\Bin\USBSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [UDP Query User{3C25A652-4509-40D1-94EB-DE85AF9501F5}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{4FB93205-2394-4DF4-9BA5-B000604A2318}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{1F24942F-7428-45FF-9D73-DDA5C158932E}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{6B4B0E33-666C-4CEE-A001-6BF3E2ED7505}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [{611C78A6-2685-4CC5-B967-EC04C4364525}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{565F75FD-F46E-4584-A383-65EE6248D5E6}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{CAF4B52D-CCC7-43C6-A33A-68891D29DBC7}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{372721BB-08FB-4C12-8C26-E1820969234B}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{A6CF546A-F802-4031-8ABB-E6A7F508566B}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{CCB8B022-7E66-40A2-94CE-DF6EB1A5B2E8}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{76063F6A-2F4B-4653-B237-929E0A8E8616}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{9320B8C8-0D82-4BED-B5FF-336F7220512E}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{61017C21-83C2-49B2-9A15-4070DB5B7D28}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{5753650B-0486-42D3-9862-8D90421D9C21}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{EF09E132-4022-43E5-8CAD-85AE4C54116B}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{02EEA0F8-07D4-4514-865E-D3B784FC6567}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [{2A27D970-0BD7-43DE-8E80-386FDAAD9B28}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{A59360AE-5F8C-4ED1-9445-4444618EFF28}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (RemoteMouse.net) [File not signed]
FirewallRules: [{0B8F4D25-CCD5-41A1-86DB-FC72AC54B6C2}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [{1D979186-7D16-46C6-8CC0-5CD6C9C2C98D}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe (remotemouse.net) [File not signed]
FirewallRules: [UDP Query User{D5658D1A-3F9D-4EA1-9D6B-9827FFE2D5CC}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{ADF858E8-4374-43B0-9557-BFCF0FAF8537}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [{8E26BC2F-52FC-4DDC-8A30-3A36D5460015}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rekordboxAgent-win32-x64\rekordboxAgent.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [{01AC0DE0-1FA6-4ECE-A315-B5DD4046FF63}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rbHttpServer.exe (AlphaTheta Corporation -> )
FirewallRules: [{5F44FF24-8A71-4475-8027-1FFBC822A5BE}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\ls-unity-rekordbox-win-64bit.exe (AlphaTheta Corporation -> )
FirewallRules: [{15617D38-F245-40FA-96E7-2F2BF5694275}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\edb_streamd.exe (AlphaTheta Corporation -> )
FirewallRules: [{7FE542D8-F828-4205-93F4-97E2BB1310FE}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\psvlinksysmgr.exe (AlphaTheta Corporation -> AlphaTheta Corporation.)
FirewallRules: [{79516EAA-8127-4168-8B49-0E2F93A891D0}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\psvnfsd.exe (AlphaTheta Corporation -> AlphaTheta Corporation.)
FirewallRules: [{CD55739B-34BD-492F-87C6-939252EA4876}] => (Allow) C:\Program Files\Pioneer\rekordbox 6.0.4\rekordbox.exe (AlphaTheta Corporation -> AlphaTheta Corporation)
FirewallRules: [UDP Query User{4A54E030-F3ED-42B4-A9EF-48BB68BBB507}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [TCP Query User{5B5A4663-98A9-4E48-9F27-108E3E7C697D}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{F3C2E6C8-CCF7-4433-ADAB-CA9D48D54D58}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{98C10FC1-F784-4FFC-A2F6-EE535C9A261B}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{5938F8BD-E41F-4DFF-882F-C992CC1D8D79}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{E57424FE-C333-44F8-A63B-9B82C338879F}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{33642081-EF61-48A8-9D60-B0146D45483D}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{4A7E2CD5-4560-4CCC-A7BA-436FD536DBFE}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{E348EAE0-AD15-46E9-AD02-727EDB070DB7}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{8D6B8BEA-006E-4792-AB0D-7BBDD9A119D3}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{333B0888-C62C-460F-8F81-4A1F249E147F}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{2C9AC83F-1791-45B9-AAEB-600FBE0117C1}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{C6587BA7-4C52-4D48-8C1A-8BBC7ECC1318}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{00F60EBB-E05A-40D5-B12F-03C2D771241A}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{05AF10F0-9249-44C3-B535-69F264A54389}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{0A0E8D8A-CA99-4A47-BD41-75FC93962C97}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{124A0635-57DA-4EE6-A6F0-7758C2828C23}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [UDP Query User{09ACD6C3-1073-4EC6-A376-6C9985AAC168}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [TCP Query User{A380BF8B-3718-4308-A837-C4F7558E9369}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{FA3A8D2E-B950-43DC-A938-2D084A290E98}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [TCP Query User{2BB3E5C8-D22C-4B3F-A599-3A14135523CE}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F26823D5-164F-4CDF-9C09-75B6FA802BB8}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{132F2A16-732E-4836-A6A1-70DF7F7D886E}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{0780AD99-CE52-41E7-B8D4-3CC70BB520ED}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{447BAC40-B08F-493C-8FC7-C26D3409743E}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{A5EDEEB6-EB2F-426B-93C7-E1DD83BA39B1}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [TCP Query User{93CBEF58-B2D6-41ED-99E4-136744F61D19}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe (Serato) [File not signed]
FirewallRules: [UDP Query User{931290A0-D500-4F26-B356-066223DA0D52}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe (Serato) [File not signed]
FirewallRules: [{B699DC9E-D63C-435E-BAF5-6C9A6FE16078}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{32664722-5655-452E-B168-BBCE1A53EF8A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A8EF778D-7CE7-421E-93D6-C737FD109810}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A36CBF9F-BF47-42B8-82BF-7E55616D725D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{156B998F-E27A-45CC-AB16-2FF51901C8C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F788EF34-CC3E-4C3A-9064-ACC393DA5E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{73E24AB8-BF31-456D-A862-05AB083FE132}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{495BFA92-FEBD-4908-A0E0-9914A3619309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{D3FFC166-60FA-42D7-BAF8-E8E5038F68A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{7B625DBE-D1F2-40D2-A302-C42BA979E290}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8BBEE8DC-A5B2-4578-89EB-8931193EFE1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F1A4D18-32D8-468C-8542-D7AF8C3EB354}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{357AC3C2-DC34-4BC2-A104-B2C575514D22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{42FA8E4E-B2D9-46F7-A623-119CEFC94596}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{4071E993-11D1-4018-8A9E-BFACEC840D3B}C:\users\breaker\appdata\local\programs\opera\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{ACE55ADF-534D-4904-9083-0342FA70CEB6}C:\users\breaker\appdata\local\programs\opera\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{A089311C-3373-4959-B756-BF01294E48FE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{04D1456F-5E54-4EE4-8437-A81CAFDC339F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E778B368-6F74-4D52-ADE7-59247270F464}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E912DEBD-606A-418C-AC2F-915EAD9CCA17}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9698C42C-3B46-4B34-814C-995F23DD383E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0326C0BD-9379-427A-94C7-6798CD23BD04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D21C7FC7-5C69-41A2-AD23-32D8A04D3F03}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2B8D5BA-D3CF-4A50-B7BA-3ED0208AD1DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

23-10-2021 00:12:09 Scheduled Checkpoint
31-10-2021 00:08:43 Scheduled Checkpoint
09-11-2021 00:36:19 Scheduled Checkpoint
11-11-2021 17:05:55 Removed Firebird SQL Server - MAGIX Edition
11-11-2021 18:44:54 Windows Modules Installer
11-11-2021 18:45:45 Windows Modules Installer
11-11-2021 18:48:05 Windows Modules Installer
11-11-2021 20:36:59 Installed Windows PC Health Check

==================== Faulty Device Manager Devices ============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Kompatibilní myš PS/2
Description: Kompatibilní myš PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/11/2021 09:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x2fb0
Čas spuštění chybující aplikace: 0x01d7d73c0fbdfb73
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: d4f82ec6-1c8c-42da-a9c6-c2d7e6fdbbff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x1484
Čas spuštění chybující aplikace: 0x01d7d73c0dffae55
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 06e85c97-fd0d-4165-802d-b5f0a3da4da3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x24c0
Čas spuštění chybující aplikace: 0x01d7d73c0c4cded5
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 1391d709-42d7-4c5c-a1bf-13bd0ac1fcf3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x331c
Čas spuštění chybující aplikace: 0x01d7d73c09c4caca
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 41b234d8-bf8e-48d8-a256-57e7da85d591
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x1140
Čas spuštění chybující aplikace: 0x01d7d73c07bec790
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 507e2a71-01b4-47c5-89af-e57ca300d62c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x310c
Čas spuštění chybující aplikace: 0x01d7d73c062dd262
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 6626fc6c-6375-4f54-b5a1-ce3b7593d626
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:38:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x19ec
Čas spuštění chybující aplikace: 0x01d7d73c043c1fad
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 49622fa3-e9cb-4916-a91f-76ca66b1f228
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/11/2021 09:37:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Název chybujícího modulu: nvstreamsvc.exe, verze: 4.1.1953.6972, časové razítko: 0x5541bef1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000687be2
ID chybujícího procesu: 0x1ef8
Čas spuštění chybující aplikace: 0x01d7d73c02b7acec
Cesta k chybující aplikaci: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
Cesta k chybujícímu modulu: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
ID zprávy: 45ebaa0a-da6a-43e2-89c3-f3f1d4ba2910
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/11/2021 08:50:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba MessagingService_c5632 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (11/11/2021 08:49:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SystemServices neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/11/2021 08:49:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby SystemServices bylo dosaženo časového limitu (45000 ms).

Error: (11/11/2021 08:47:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Chrome Remote Desktop Service byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restart the service.

Error: (11/11/2021 08:47:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restart the service.

Error: (11/11/2021 08:47:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restart the service.

Error: (11/11/2021 08:45:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restart the service.

Error: (11/11/2021 08:45:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Installer byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restart the service.


Windows Defender:
================
Date: 2021-10-31 01:07:39
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {5083C281-FA33-4E85-AE3B-B73619B1B31A}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 11:07:50
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {A777A374-9C1A-451B-80FC-9E644A4AAF54}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-28 05:36:27
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {12392BAA-792E-49F2-BF46-47ABA227A6E2}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-24 11:08:42
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {F653358C-FAB1-4A6A-9430-259DDE75B200}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-10-20 22:43:12
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {685482C4-59CB-4005-BCA0-DD8CFA60A4D4}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-10-13 12:55:57
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.351.314.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18600.4
Kód chyby: 0x8024402c
Popis chyby: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2021-10-08 18:51:58
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.2139.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

Date: 2021-10-08 18:51:58
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.349.2139.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18500.10
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.

CodeIntegrity:
===============
Date: 2021-11-11 21:38:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.

Date: 2021-11-11 21:36:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2021-11-11 21:35:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Acer V2.04 09/14/2012
Motherboard: Acer VA50_HC_CR
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8007.27 MB
Available physical RAM: 3547.45 MB
Total Virtual: 9287.27 MB
Available Virtual: 4728.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:390.31 GB) (Free:41.46 GB) NTFS

\\?\Volume{f11093b7-317a-4e7d-b933-8e43568b092f}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{508be2aa-09d5-40cd-ae47-1cf711bf39b5}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{7017df86-e6b8-47c7-be17-df433fb4af4f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 489 GB) (Disk ID: 000A6DCF)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: probliknutí CMD po spuštení

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D1EF7D34-C3DE-411E-B60B-FF66E82F0614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {DD7FF5B0-5F42-4F05-B899-A3BFCAEAE1D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [File not signed] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{BA76DBC0-FF47-4C5A-A563-E89C94266E68}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{A0BB0218-BB54-4963-B33C-246E5AE8B556}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{1D43EEC8-8AB6-47BE-B794-F9C5F6BF0E41}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{6C077D38-D9B9-4E9B-B5E3-85A047236B5F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{F6F6DACF-34B2-4586-9BE1-0F2BC13B2FB8}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{F5F51E17-3158-46F9-A57B-7FB42EF8E16B}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{D86CFB3E-2711-4958-BFF3-A0288A9FD1D4}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{08E43C4E-2292-44CB-8B62-0781F868A4FC}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{36C76E4A-3BEA-4B54-8884-061C038B32A8}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{F48A4ED3-FA00-4A0D-80B4-650118447C46}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{75C9D0CC-69F2-4576-9582-5E287B006E94}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{331C441A-EED8-4229-85A3-6504FF015FA0}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{3C25A652-4509-40D1-94EB-DE85AF9501F5}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{4FB93205-2394-4DF4-9BA5-B000604A2318}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{1F24942F-7428-45FF-9D73-DDA5C158932E}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{6B4B0E33-666C-4CEE-A001-6BF3E2ED7505}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{CAF4B52D-CCC7-43C6-A33A-68891D29DBC7}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{372721BB-08FB-4C12-8C26-E1820969234B}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{A6CF546A-F802-4031-8ABB-E6A7F508566B}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{CCB8B022-7E66-40A2-94CE-DF6EB1A5B2E8}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{76063F6A-2F4B-4653-B237-929E0A8E8616}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{9320B8C8-0D82-4BED-B5FF-336F7220512E}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{61017C21-83C2-49B2-9A15-4070DB5B7D28}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{5753650B-0486-42D3-9862-8D90421D9C21}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{EF09E132-4022-43E5-8CAD-85AE4C54116B}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{02EEA0F8-07D4-4514-865E-D3B784FC6567}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{D5658D1A-3F9D-4EA1-9D6B-9827FFE2D5CC}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{ADF858E8-4374-43B0-9557-BFCF0FAF8537}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{4A54E030-F3ED-42B4-A9EF-48BB68BBB507}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [TCP Query User{5B5A4663-98A9-4E48-9F27-108E3E7C697D}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{F3C2E6C8-CCF7-4433-ADAB-CA9D48D54D58}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{98C10FC1-F784-4FFC-A2F6-EE535C9A261B}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{5938F8BD-E41F-4DFF-882F-C992CC1D8D79}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{E57424FE-C333-44F8-A63B-9B82C338879F}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{33642081-EF61-48A8-9D60-B0146D45483D}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{4A7E2CD5-4560-4CCC-A7BA-436FD536DBFE}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{E348EAE0-AD15-46E9-AD02-727EDB070DB7}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{8D6B8BEA-006E-4792-AB0D-7BBDD9A119D3}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{333B0888-C62C-460F-8F81-4A1F249E147F}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{2C9AC83F-1791-45B9-AAEB-600FBE0117C1}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{C6587BA7-4C52-4D48-8C1A-8BBC7ECC1318}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{00F60EBB-E05A-40D5-B12F-03C2D771241A}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{05AF10F0-9249-44C3-B535-69F264A54389}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{0A0E8D8A-CA99-4A47-BD41-75FC93962C97}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{124A0635-57DA-4EE6-A6F0-7758C2828C23}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [UDP Query User{09ACD6C3-1073-4EC6-A376-6C9985AAC168}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [TCP Query User{A380BF8B-3718-4308-A837-C4F7558E9369}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{FA3A8D2E-B950-43DC-A938-2D084A290E98}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [TCP Query User{2BB3E5C8-D22C-4B3F-A599-3A14135523CE}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F26823D5-164F-4CDF-9C09-75B6FA802BB8}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{132F2A16-732E-4836-A6A1-70DF7F7D886E}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{0780AD99-CE52-41E7-B8D4-3CC70BB520ED}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{447BAC40-B08F-493C-8FC7-C26D3409743E}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{A5EDEEB6-EB2F-426B-93C7-E1DD83BA39B1}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [{32664722-5655-452E-B168-BBCE1A53EF8A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A8EF778D-7CE7-421E-93D6-C737FD109810}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A36CBF9F-BF47-42B8-82BF-7E55616D725D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{156B998F-E27A-45CC-AB16-2FF51901C8C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F788EF34-CC3E-4C3A-9064-ACC393DA5E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{73E24AB8-BF31-456D-A862-05AB083FE132}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{495BFA92-FEBD-4908-A0E0-9914A3619309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{D3FFC166-60FA-42D7-BAF8-E8E5038F68A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
pepe24
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 16 dub 2018 14:42

Re: probliknutí CMD po spuštení

#7 Příspěvek od pepe24 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-11-2021
Ran by breaker (12-11-2021 16:22:10) Run:3
Running from C:\Users\breaker\Desktop
Loaded Profiles: breaker
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files\Bonjour
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {D1EF7D34-C3DE-411E-B60B-FF66E82F0614} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Task: {DD7FF5B0-5F42-4F05-B899-A3BFCAEAE1D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-10-11] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [File not signed] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [UDP Query User{BA76DBC0-FF47-4C5A-A563-E89C94266E68}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [TCP Query User{A0BB0218-BB54-4963-B33C-246E5AE8B556}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe => No File
FirewallRules: [UDP Query User{1D43EEC8-8AB6-47BE-B794-F9C5F6BF0E41}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [TCP Query User{6C077D38-D9B9-4E9B-B5E3-85A047236B5F}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe => No File
FirewallRules: [UDP Query User{F6F6DACF-34B2-4586-9BE1-0F2BC13B2FB8}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [TCP Query User{F5F51E17-3158-46F9-A57B-7FB42EF8E16B}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe => No File
FirewallRules: [UDP Query User{D86CFB3E-2711-4958-BFF3-A0288A9FD1D4}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [TCP Query User{08E43C4E-2292-44CB-8B62-0781F868A4FC}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe => No File
FirewallRules: [UDP Query User{36C76E4A-3BEA-4B54-8884-061C038B32A8}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [TCP Query User{F48A4ED3-FA00-4A0D-80B4-650118447C46}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{75C9D0CC-69F2-4576-9582-5E287B006E94}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [TCP Query User{331C441A-EED8-4229-85A3-6504FF015FA0}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe => No File
FirewallRules: [UDP Query User{3C25A652-4509-40D1-94EB-DE85AF9501F5}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [TCP Query User{4FB93205-2394-4DF4-9BA5-B000604A2318}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe => No File
FirewallRules: [UDP Query User{1F24942F-7428-45FF-9D73-DDA5C158932E}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [TCP Query User{6B4B0E33-666C-4CEE-A001-6BF3E2ED7505}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe => No File
FirewallRules: [UDP Query User{CAF4B52D-CCC7-43C6-A33A-68891D29DBC7}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [TCP Query User{372721BB-08FB-4C12-8C26-E1820969234B}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe => No File
FirewallRules: [UDP Query User{A6CF546A-F802-4031-8ABB-E6A7F508566B}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [TCP Query User{CCB8B022-7E66-40A2-94CE-DF6EB1A5B2E8}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe => No File
FirewallRules: [UDP Query User{76063F6A-2F4B-4653-B237-929E0A8E8616}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [TCP Query User{9320B8C8-0D82-4BED-B5FF-336F7220512E}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe => No File
FirewallRules: [UDP Query User{61017C21-83C2-49B2-9A15-4070DB5B7D28}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [TCP Query User{5753650B-0486-42D3-9862-8D90421D9C21}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe => No File
FirewallRules: [UDP Query User{EF09E132-4022-43E5-8CAD-85AE4C54116B}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [TCP Query User{02EEA0F8-07D4-4514-865E-D3B784FC6567}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe => No File
FirewallRules: [UDP Query User{D5658D1A-3F9D-4EA1-9D6B-9827FFE2D5CC}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [TCP Query User{ADF858E8-4374-43B0-9557-BFCF0FAF8537}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{4A54E030-F3ED-42B4-A9EF-48BB68BBB507}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [TCP Query User{5B5A4663-98A9-4E48-9F27-108E3E7C697D}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{F3C2E6C8-CCF7-4433-ADAB-CA9D48D54D58}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{98C10FC1-F784-4FFC-A2F6-EE535C9A261B}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [TCP Query User{5938F8BD-E41F-4DFF-882F-C992CC1D8D79}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [UDP Query User{E57424FE-C333-44F8-A63B-9B82C338879F}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe => No File
FirewallRules: [TCP Query User{33642081-EF61-48A8-9D60-B0146D45483D}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [UDP Query User{4A7E2CD5-4560-4CCC-A7BA-436FD536DBFE}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe => No File
FirewallRules: [TCP Query User{E348EAE0-AD15-46E9-AD02-727EDB070DB7}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [UDP Query User{8D6B8BEA-006E-4792-AB0D-7BBDD9A119D3}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe => No File
FirewallRules: [TCP Query User{333B0888-C62C-460F-8F81-4A1F249E147F}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [UDP Query User{2C9AC83F-1791-45B9-AAEB-600FBE0117C1}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe => No File
FirewallRules: [TCP Query User{C6587BA7-4C52-4D48-8C1A-8BBC7ECC1318}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [UDP Query User{00F60EBB-E05A-40D5-B12F-03C2D771241A}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe => No File
FirewallRules: [TCP Query User{05AF10F0-9249-44C3-B535-69F264A54389}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [UDP Query User{0A0E8D8A-CA99-4A47-BD41-75FC93962C97}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe => No File
FirewallRules: [TCP Query User{124A0635-57DA-4EE6-A6F0-7758C2828C23}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [UDP Query User{09ACD6C3-1073-4EC6-A376-6C9985AAC168}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe => No File
FirewallRules: [TCP Query User{A380BF8B-3718-4308-A837-C4F7558E9369}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [UDP Query User{FA3A8D2E-B950-43DC-A938-2D084A290E98}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe => No File
FirewallRules: [TCP Query User{2BB3E5C8-D22C-4B3F-A599-3A14135523CE}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [UDP Query User{F26823D5-164F-4CDF-9C09-75B6FA802BB8}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe => No File
FirewallRules: [TCP Query User{132F2A16-732E-4836-A6A1-70DF7F7D886E}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [UDP Query User{0780AD99-CE52-41E7-B8D4-3CC70BB520ED}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe] => (Allow) C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe => No File
FirewallRules: [TCP Query User{447BAC40-B08F-493C-8FC7-C26D3409743E}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [UDP Query User{A5EDEEB6-EB2F-426B-93C7-E1DD83BA39B1}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe] => (Block) C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe => No File
FirewallRules: [{32664722-5655-452E-B168-BBCE1A53EF8A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A8EF778D-7CE7-421E-93D6-C737FD109810}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{A36CBF9F-BF47-42B8-82BF-7E55616D725D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{156B998F-E27A-45CC-AB16-2FF51901C8C5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{F788EF34-CC3E-4C3A-9064-ACC393DA5E53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{73E24AB8-BF31-456D-A862-05AB083FE132}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{495BFA92-FEBD-4908-A0E0-9914A3619309}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{D3FFC166-60FA-42D7-BAF8-E8E5038F68A4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12120.6.54012.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Program Files\Bonjour" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1EF7D34-C3DE-411E-B60B-FF66E82F0614}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD7FF5B0-5F42-4F05-B899-A3BFCAEAE1D7}" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
SystemServices => service not found.
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{BA76DBC0-FF47-4C5A-A563-E89C94266E68}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0BB0218-BB54-4963-B33C-246E5AE8B556}C:\games\world_of_tanks_eu\win64\worldoftanks.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D43EEC8-8AB6-47BE-B794-F9C5F6BF0E41}C:\programdata\wargaming.net\gamecenter\wgc.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6C077D38-D9B9-4E9B-B5E3-85A047236B5F}C:\programdata\wargaming.net\gamecenter\wgc.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F6F6DACF-34B2-4586-9BE1-0F2BC13B2FB8}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F5F51E17-3158-46F9-A57B-7FB42EF8E16B}C:\users\breaker\appdata\local\programs\opera\73.0.3856.344\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D86CFB3E-2711-4958-BFF3-A0288A9FD1D4}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{08E43C4E-2292-44CB-8B62-0781F868A4FC}C:\users\breaker\appdata\local\programs\opera\73.0.3856.329\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{36C76E4A-3BEA-4B54-8884-061C038B32A8}C:\counter-strike 1.6\hl.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F48A4ED3-FA00-4A0D-80B4-650118447C46}C:\counter-strike 1.6\hl.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75C9D0CC-69F2-4576-9582-5E287B006E94}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{331C441A-EED8-4229-85A3-6504FF015FA0}C:\users\breaker\appdata\local\programs\opera\73.0.3856.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3C25A652-4509-40D1-94EB-DE85AF9501F5}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4FB93205-2394-4DF4-9BA5-B000604A2318}C:\users\breaker\appdata\local\programs\opera\72.0.3815.400\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1F24942F-7428-45FF-9D73-DDA5C158932E}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6B4B0E33-666C-4CEE-A001-6BF3E2ED7505}C:\users\breaker\appdata\local\programs\opera\72.0.3815.320\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CAF4B52D-CCC7-43C6-A33A-68891D29DBC7}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{372721BB-08FB-4C12-8C26-E1820969234B}C:\users\breaker\appdata\local\programs\opera\72.0.3815.186\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A6CF546A-F802-4031-8ABB-E6A7F508566B}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CCB8B022-7E66-40A2-94CE-DF6EB1A5B2E8}C:\users\breaker\appdata\local\programs\opera\71.0.3770.284\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{76063F6A-2F4B-4653-B237-929E0A8E8616}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9320B8C8-0D82-4BED-B5FF-336F7220512E}C:\users\breaker\appdata\local\programs\opera\71.0.3770.271\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{61017C21-83C2-49B2-9A15-4070DB5B7D28}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5753650B-0486-42D3-9862-8D90421D9C21}C:\users\breaker\appdata\local\programs\opera\71.0.3770.228\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EF09E132-4022-43E5-8CAD-85AE4C54116B}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{02EEA0F8-07D4-4514-865E-D3B784FC6567}C:\users\breaker\appdata\local\programs\opera\70.0.3728.189\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D5658D1A-3F9D-4EA1-9D6B-9827FFE2D5CC}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ADF858E8-4374-43B0-9557-BFCF0FAF8537}C:\users\breaker\appdata\local\programs\opera\70.0.3728.106\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4A54E030-F3ED-42B4-A9EF-48BB68BBB507}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5B5A4663-98A9-4E48-9F27-108E3E7C697D}C:\users\breaker\appdata\local\programs\opera\69.0.3686.95\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F3C2E6C8-CCF7-4433-ADAB-CA9D48D54D58}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98C10FC1-F784-4FFC-A2F6-EE535C9A261B}C:\users\breaker\appdata\local\programs\opera\69.0.3686.77\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5938F8BD-E41F-4DFF-882F-C992CC1D8D79}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E57424FE-C333-44F8-A63B-9B82C338879F}C:\users\breaker\appdata\local\programs\opera\74.0.3911.203\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{33642081-EF61-48A8-9D60-B0146D45483D}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4A7E2CD5-4560-4CCC-A7BA-436FD536DBFE}C:\users\breaker\appdata\local\programs\opera\74.0.3911.218\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E348EAE0-AD15-46E9-AD02-727EDB070DB7}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8D6B8BEA-006E-4792-AB0D-7BBDD9A119D3}C:\users\breaker\appdata\local\programs\opera\75.0.3969.149\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{333B0888-C62C-460F-8F81-4A1F249E147F}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2C9AC83F-1791-45B9-AAEB-600FBE0117C1}C:\users\breaker\appdata\local\programs\opera\75.0.3969.171\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C6587BA7-4C52-4D48-8C1A-8BBC7ECC1318}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{00F60EBB-E05A-40D5-B12F-03C2D771241A}C:\users\breaker\appdata\local\programs\opera\75.0.3969.243\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{05AF10F0-9249-44C3-B535-69F264A54389}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0A0E8D8A-CA99-4A47-BD41-75FC93962C97}C:\users\breaker\appdata\local\programs\opera\76.0.4017.107\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{124A0635-57DA-4EE6-A6F0-7758C2828C23}C:\program files (x86)\warzone\csgo warzone\csgo.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{09ACD6C3-1073-4EC6-A376-6C9985AAC168}C:\program files (x86)\warzone\csgo warzone\csgo.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A380BF8B-3718-4308-A837-C4F7558E9369}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FA3A8D2E-B950-43DC-A938-2D084A290E98}C:\users\breaker\appdata\local\programs\opera\76.0.4017.123\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2BB3E5C8-D22C-4B3F-A599-3A14135523CE}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F26823D5-164F-4CDF-9C09-75B6FA802BB8}C:\users\breaker\appdata\local\programs\opera\76.0.4017.154\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{132F2A16-732E-4836-A6A1-70DF7F7D886E}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0780AD99-CE52-41E7-B8D4-3CC70BB520ED}C:\users\breaker\appdata\local\programs\opera\77.0.4054.90\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{447BAC40-B08F-493C-8FC7-C26D3409743E}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A5EDEEB6-EB2F-426B-93C7-E1DD83BA39B1}C:\users\breaker\appdata\local\programs\opera\78.0.4093.147\opera.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{32664722-5655-452E-B168-BBCE1A53EF8A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A8EF778D-7CE7-421E-93D6-C737FD109810}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A36CBF9F-BF47-42B8-82BF-7E55616D725D}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{156B998F-E27A-45CC-AB16-2FF51901C8C5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F788EF34-CC3E-4C3A-9064-ACC393DA5E53}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{73E24AB8-BF31-456D-A862-05AB083FE132}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{495BFA92-FEBD-4908-A0E0-9914A3619309}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3FFC166-60FA-42D7-BAF8-E8E5038F68A4}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9516314 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1790 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 13589087 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4624 B
NetworkService => 4624 B
breaker => 2031497 B

RecycleBin => 93884 B
EmptyTemp: => 24.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:26:50 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: probliknutí CMD po spuštení

#8 Příspěvek od Rudy »

OK, vyčištěno.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
pepe24
Návštěvník
Návštěvník
Příspěvky: 28
Registrován: 16 dub 2018 14:42

Re: probliknutí CMD po spuštení

#9 Příspěvek od pepe24 »

Dík moc,
seš pán !
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118275
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: probliknutí CMD po spuštení

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“