
Request for a check: suspected virus (hack)(er)?

Author: Ríša (Visitor)
Posts: 8
Registered: 30 Dec 2021 12:18


#1 Post by Ríša »

Hello.

I'd like to ask for a check, because about 23 videos that I did not make have appeared on my YouTube account. I also keep getting logged out of Messenger, and Google occasionally reports unfamiliar activity as well.
I don't know whether this is related too, but Instagram shows that I follow 600 people. That's nonsense, because I should really be following only around 90 people.

Thank you; the FRST and Addition logs are below.
Ríša

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Taurus (administrator) on DESKTOP-H7620DS (Dell Inc. OptiPlex 7020) (30-12-2021 12:36:03)
Running from C:\Users\Taurus\Desktop
Loaded Profiles: Taurus
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Taurus\AppData\Local\cache\subst.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230176 2020-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489280 2020-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4839936 2021-12-16] (Valve Corporation) [File not signed]
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [uTorrent] => C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [ut] => C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [Gaijin.Net Updater] => "C:\Users\Taurus\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe" (No File)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-17] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\MountPoints2: {5bcf3bb4-dccb-11ea-a38b-989096d10fc1} - "E:\Setup.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: CNMLMBV.DLL
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\Installer\chrmstp.exe [2021-12-16] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-05-14]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe\9D55.exe [2021-12-28] (HP) [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0258E12B-DAE3-46B3-ACF1-1BADDCC300E8} - System32\Tasks\IAStorIcon => C:\Program Files\Intel\Intel(R) Virtual RAID on CPU\IAStorIcon.exe [290864 2019-09-24] (Intel(R) Virtual RAID On CPU -> Intel Corporation)
Task: {0858E665-F26D-4D5D-9F4A-30317D942787} - System32\Tasks\Uninstaller_SkipUac_Taurus => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6041360 2020-07-08] (IObit Information Technology -> IObit)
Task: {193BC1AE-05A2-4129-9F97-9F6CF2D76532} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-23] (Google LLC -> Google LLC)
Task: {24D759CE-44B9-4E24-A1D5-1B6FEA6A141B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-11-23] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {3CD4DAC7-7B83-445C-B9DB-2789AD180F67} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {512B864E-45A9-40EE-8020-3BB0BA5A5BF3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-23] (Google LLC -> Google LLC)
Task: {5149AE25-8B79-45CD-94D6-1437C5B1CBCF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186} => C:\Users\Taurus\AppData\Local\cache\subst.exe [19456 2021-12-28] () [File not signed]
Task: {79407824-5C4D-48A6-9C8C-82C7194EAD97} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {9AACE8B9-2998-4A88-BF50-93D005BAA188} - \Firefox Default Browser Agent A37A1D5DC15A18EF -> No File <==== ATTENTION
Task: {A07EE0E4-EB41-485D-825C-5FA8BC28D07D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [336952 2021-05-26] (Adobe Inc. -> Adobe)
Task: {C3F14BD8-EE6B-4F1D-AA86-492B2ED78C69} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{0d54fff9-b1ca-4e67-9c51-9a0021df6c0e}: [DhcpNameServer] 62.129.50.20 85.135.32.100
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.100.2,1]

Edge:
=======
DownloadDir: C:\Users\Taurus\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-440998740-4008055368-1726229258-1001 -> hxxps://www.yandex.ru/?win=479&clid=2278150
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default [2021-12-30]
CHR DownloadDir: C:\Users\Taurus\Downloads
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (YouTube) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-10]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-21]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients57.google.com/service/update2/crx] <==== ATTENTION
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-27]
CHR Notifications: Profile 1 -> hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-09]
CHR Extension: (Dokumenty) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-09]
CHR Extension: (Disk Google) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-30]
CHR Extension: (Новости онлайн. Новости с доставкой) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beodcaglcadkdfgnlgdpcchgonahgpek [2021-03-01]
CHR Extension: (YouTube) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-09]
CHR Extension: (Tabulky) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-09]
CHR Extension: (Gifty Box) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbpkekeilfbbedekpbdmmoocjfaakpm [2021-03-01]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients44.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30]
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-21]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients14.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (d8yI+Hf7rX) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\oaalopfehfjhglmfgfccdekgfoegogeb [2020-09-09]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [336952 2021-05-26] (Adobe Inc. -> Adobe)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-03-05] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-08-31] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-07-08] (IObit Information Technology -> IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-28] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AppServicea; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceb; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicec; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiced; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicee; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicef; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceg; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceh; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicei; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicej; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicek; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicel; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicem; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicen; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceo; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicep; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceq; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicer; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServices; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicet; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceu; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicev; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicew; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicex; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicey; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320744 2021-11-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\drivers\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-07-08] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-07-08] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-07-08] (IObit Information Technology -> IObit)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-11-28] (Malwarebytes Inc -> Malwarebytes)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2020-09-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [428256 2020-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-22] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2021-01-05] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-30 12:36 - 2021-12-30 12:37 - 000020254 _____ C:\Users\Taurus\Desktop\FRST.txt
2021-12-30 12:34 - 2021-12-30 12:36 - 000000000 ____D C:\FRST
2021-12-30 12:34 - 2021-12-30 12:34 - 002311168 _____ (Farbar) C:\Users\Taurus\Desktop\FRST64.exe
2021-12-30 11:55 - 2021-12-30 11:55 - 000012320 _____ C:\Users\Taurus\AppData\Roaming\fcbc8b467ea1ddfb.bin
2021-12-30 11:08 - 2021-12-30 11:08 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-28 23:49 - 2021-12-28 23:49 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\Z_Software GmbH
2021-12-28 23:09 - 2021-12-28 23:09 - 016252928 _____ C:\Windows\system32\config\SYSTEM
2021-12-28 23:09 - 2021-12-28 23:09 - 016252928 _____ C:\Windows\system32\config\BCD000000
2021-12-28 20:22 - 2021-12-28 21:05 - 1339545298 _____ C:\Users\Taurus\Downloads\Autobahn.Police.Simulator.zip
2021-12-28 19:24 - 2021-12-28 19:24 - 000000000 ____D C:\Users\Taurus\AppData\Local\KC Quality Consult Ltd
2021-12-28 19:06 - 2021-12-28 23:33 - 000000000 __RHD C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe
2021-12-28 18:44 - 2021-12-28 18:44 - 000000000 _____ C:\Users\Taurus\AppData\Roaming\supra.exe
2021-12-28 18:43 - 2021-12-28 18:43 - 000000000 ____D C:\ProgramData\T2ZMO03X9ZY2BCQ31MWQY7DLZ
2021-12-28 18:41 - 2021-12-28 19:06 - 000000000 ____D C:\Program Files (x86)\Company
2021-12-28 18:41 - 2021-12-28 18:41 - 000003630 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186}
2021-12-28 18:41 - 2021-12-28 18:41 - 000000000 ___HD C:\Users\Taurus\AppData\Local\cache
2021-12-28 18:39 - 2021-12-28 23:33 - 000000000 ___HD C:\Users\Taurus\AppData\Roaming\16481079
2021-12-28 18:39 - 2021-12-28 18:39 - 000000000 ____D C:\ProgramData\SW4R25RDA6UJZWQNCAU6B8L1O
2021-12-28 18:37 - 2021-12-28 18:37 - 000000000 ____D C:\Users\Taurus\Downloads\Autobahn.Police.Simulator-RELOADED
2021-12-28 18:34 - 2021-12-28 18:35 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\uTorrent
2021-12-28 16:08 - 2021-12-28 23:32 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\IGDump
2021-12-27 16:49 - 2021-12-27 16:49 - 000393216 _____ C:\ProgramData\dccee.dll
2021-12-27 13:49 - 2021-12-27 13:49 - 000001450 _____ C:\Users\Taurus\Desktop\Roblox Player.lnk
2021-12-27 13:48 - 2021-12-27 14:32 - 000000000 ____D C:\Users\Taurus\AppData\Local\Roblox
2021-12-27 13:48 - 2021-12-27 13:58 - 000000252 _____ C:\Users\Taurus\AppData\LocalLow\rbxcsettings.rbx
2021-12-27 13:48 - 2021-12-27 13:48 - 000001261 _____ C:\Users\Taurus\Desktop\Roblox Studio.lnk
2021-12-27 11:59 - 2021-12-27 11:59 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\Z-Software GmbH
2021-12-27 11:56 - 2021-04-25 07:58 - 000000000 ____D C:\Users\Taurus\Desktop\Autobahn Police Simulator 2
2021-12-22 17:08 - 2021-12-22 17:08 - 000000000 ____D C:\ProgramData\.mono
2021-12-22 17:04 - 2021-12-28 16:21 - 000000000 ____D C:\Users\Taurus\Desktop\CarX.Drift.Racing.Online.v1.0.3.Patch.1
2021-12-22 16:48 - 2021-12-22 16:48 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\CarX Technologies
2021-12-21 21:54 - 2021-12-21 21:54 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\U-Play online
2021-12-18 12:26 - 2021-12-18 12:26 - 000000270 __RSH C:\ProgramData\ntuser.pol
2021-12-16 22:34 - 2021-12-16 22:34 - 000781456 _____ C:\Users\Taurus\AppData\Local\fcf616d8-cb7c-4317-b20a-18b489d0e6f9.exe
2021-12-16 22:25 - 2021-12-16 22:25 - 000291476 _____ C:\Users\Taurus\AppData\LocalLow\8Syvpkyn004.zip
2021-12-16 22:08 - 2021-12-16 22:08 - 000000000 ____D C:\Users\Taurus\AppData\Local\mbam
2021-12-16 21:32 - 2021-12-16 21:32 - 000781456 _____ C:\Users\Taurus\AppData\Local\0618ad50-7012-45b0-9195-c4aa07e58317.exe
2021-12-16 21:30 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Local\Driver package
2021-12-16 21:20 - 2021-12-16 21:20 - 000000000 ____D C:\Users\Taurus\AppData\Local\WinDate
2021-12-16 21:12 - 2021-12-16 21:12 - 000000000 ____D C:\Windows\SystemTemp
2021-12-16 21:09 - 2021-12-16 21:09 - 000000000 ____D C:\ProgramData\A3SWD714T8NFW2JTP9A3N3HXY
2021-12-16 21:08 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Local\The Unspoken Vision
2021-12-16 21:07 - 2021-12-16 22:52 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Sysfiles
2021-12-16 21:06 - 2021-12-16 22:52 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\hJ0aK0
2021-12-16 21:06 - 2021-12-16 21:06 - 000232782 _____ C:\Users\Taurus\AppData\LocalLow\BfaGLZcxr6X.zip
2021-12-16 21:06 - 2021-12-16 21:06 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\discord_files
2021-12-16 21:04 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\neofed
2021-12-16 21:04 - 2021-12-16 21:04 - 000000000 ____D C:\Users\Taurus\AppData\Local\Calculator
2021-12-16 21:04 - 2021-12-16 21:04 - 000000000 ____D C:\Users\Taurus\AppData\Local\AdvinstAnalytics
2021-12-16 21:02 - 2021-12-16 21:02 - 000000000 ____D C:\Program Files\Common Files\DKKCWOYYBD
2021-12-16 21:01 - 2021-12-16 21:01 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\{FBBC91BE-3FE9-4FDF-99EA-8DE339E10101}
2021-12-16 21:00 - 2021-12-16 21:07 - 000000000 ____D C:\ProgramData\PHM28YD1YL9D1Z23FZSORAZ6D
2021-12-16 21:00 - 2021-12-16 21:07 - 000000000 ____D C:\ProgramData\64WRJ003P3BPF5Z5DUIAJ3200
2021-12-16 21:00 - 2021-12-16 21:06 - 000000000 ____D C:\ProgramData\Y31B5TKSOTLW1Q2ML0G6XPZUP
2021-12-16 21:00 - 2021-12-16 21:00 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\ProfCleaner
2021-12-16 21:00 - 2021-12-16 21:00 - 000000000 ____D C:\Users\Taurus\AppData\Local\Yandex
2021-12-16 17:43 - 2021-12-16 17:43 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-16 17:43 - 2021-12-16 17:43 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-16 17:42 - 2021-12-16 17:42 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-16 17:42 - 2021-12-16 17:42 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-16 17:10 - 2021-12-16 17:10 - 000000000 ___HD C:\$WinREAgent
2021-12-04 11:45 - 2021-12-04 11:45 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2021-12-01 17:34 - 2021-12-04 16:28 - 000000000 ____D C:\Users\Taurus\AppData\Local\Riot Games
2021-11-30 21:56 - 2021-11-30 21:57 - 000000000 ____D C:\Users\Taurus\AppData\Local\SquirrelTemp
2021-11-30 16:08 - 2021-12-28 20:54 - 000000000 ____D C:\Users\Taurus\AppData\Local\CrashDumps

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-30 12:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-30 11:45 - 2020-08-10 20:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-30 11:08 - 2020-08-10 20:39 - 000000000 __SHD C:\Users\Taurus\IntelGraphicsProfiles
2021-12-30 00:50 - 2021-11-29 13:32 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2021-12-30 00:50 - 2020-08-29 22:19 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\.minecraft
2021-12-30 00:37 - 2020-08-29 22:20 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\.tlauncher
2021-12-29 21:29 - 2021-02-15 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-12-29 21:08 - 2020-08-10 21:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-28 23:42 - 2020-08-10 20:33 - 001697062 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-28 23:42 - 2019-12-07 15:43 - 000717928 _____ C:\Windows\system32\perfh005.dat
2021-12-28 23:42 - 2019-12-07 15:43 - 000145604 _____ C:\Windows\system32\perfc005.dat
2021-12-28 23:42 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-28 23:36 - 2020-08-10 21:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-28 23:36 - 2020-08-10 21:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-28 23:09 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-28 23:08 - 2020-08-10 20:37 - 000000000 ____D C:\Users\Taurus
2021-12-28 21:15 - 2020-09-11 16:49 - 000000000 ____D C:\Games
2021-12-28 19:07 - 2020-08-11 00:12 - 000000000 ____D C:\ProgramData\ProductData
2021-12-28 18:44 - 2021-11-28 21:10 - 000000000 ____D C:\Users\Taurus\AppData\Local\BitTorrentHelper
2021-12-28 18:44 - 2020-09-11 13:55 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\uTorrent
2021-12-28 16:21 - 2020-08-24 14:12 - 000000000 ____D C:\ProgramData\Riot Games
2021-12-27 13:49 - 2020-09-18 13:49 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-12-25 14:30 - 2020-10-13 11:30 - 000000000 ____D C:\Users\Taurus\Desktop\Pro fb a rekt
2021-12-23 09:43 - 2020-10-14 16:24 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-12-23 09:38 - 2021-11-29 20:40 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2021-12-21 22:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-21 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-16 21:16 - 2020-08-10 21:23 - 000409232 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-16 21:12 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-16 17:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-16 17:05 - 2020-10-29 10:03 - 000000000 ____D C:\Windows\system32\MRT
2021-12-16 17:02 - 2020-10-29 10:02 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-16 06:23 - 2020-08-10 20:48 - 000002301 _____ C:\Users\Taurus\Desktop\Google Chrome.lnk
2021-12-15 17:02 - 2021-11-26 18:21 - 000000000 ____D C:\Users\Taurus\AppData\Local\GameAnalytics
2021-12-15 15:24 - 2021-11-07 21:45 - 000000000 ____D C:\Users\Taurus\Desktop\Blbůstky
2021-12-10 22:32 - 2021-05-27 05:56 - 000000000 ____D C:\Program Files\Epic Games
2021-12-09 18:33 - 2020-08-10 23:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-05 21:17 - 2021-11-21 13:33 - 000000000 ____D C:\Users\Taurus\Desktop\Wojta
2021-12-05 21:17 - 2021-10-24 20:12 - 000000000 ____D C:\Users\Taurus\Desktop\RANDOM VIDEA NA SETŘÍHÁNÍ
2021-12-04 16:28 - 2021-10-25 19:14 - 000001491 _____ C:\Users\Taurus\Desktop\Riot Client.lnk

==================== Files in the root of some directories ========

2021-12-27 16:49 - 2021-12-27 16:49 - 000393216 _____ () C:\ProgramData\dccee.dll
2021-09-19 21:02 - 2021-09-19 21:02 - 000000025 _____ () C:\Users\Taurus\AppData\Roaming\alsoft.ini
2021-06-09 15:05 - 2021-06-09 15:05 - 000264192 _____ () C:\Users\Taurus\AppData\Roaming\cfwtsti
2020-08-14 20:33 - 2020-08-28 14:46 - 000028672 _____ () C:\Users\Taurus\AppData\Roaming\crash.bin
2021-12-30 11:55 - 2021-12-30 11:55 - 000012320 _____ () C:\Users\Taurus\AppData\Roaming\fcbc8b467ea1ddfb.bin
2020-11-13 08:26 - 2020-11-13 08:26 - 000320202 ___SH () C:\Users\Taurus\AppData\Roaming\fvcdfvw
2021-06-09 15:05 - 2021-06-09 15:05 - 000339456 _____ () C:\Users\Taurus\AppData\Roaming\fwwtsti
2021-06-09 15:05 - 2021-06-09 15:05 - 000307712 _____ () C:\Users\Taurus\AppData\Roaming\iswtsti
2020-10-19 12:48 - 2021-02-14 22:25 - 000000209 _____ () C:\Users\Taurus\AppData\Roaming\jjv5conf.json
2021-02-18 21:42 - 2021-02-18 22:40 - 000000096 _____ () C:\Users\Taurus\AppData\Roaming\LauncherSettings_live.cfg
2021-01-26 09:50 - 2021-01-26 09:50 - 000000015 _____ () C:\Users\Taurus\AppData\Roaming\obs-virtualcam.txt
2021-06-09 15:05 - 2021-06-09 15:05 - 000248375 ___SH () C:\Users\Taurus\AppData\Roaming\rdhrbuf
2021-12-28 18:44 - 2021-12-28 18:44 - 000000000 _____ () C:\Users\Taurus\AppData\Roaming\supra.exe
2021-08-27 15:09 - 2021-08-27 15:09 - 000019852 _____ () C:\Users\Taurus\AppData\Roaming\Microsoft\CharGlobal
2021-12-16 21:32 - 2021-12-16 21:32 - 000781456 _____ () C:\Users\Taurus\AppData\Local\0618ad50-7012-45b0-9195-c4aa07e58317.exe
2021-12-16 22:34 - 2021-12-16 22:34 - 000781456 _____ () C:\Users\Taurus\AppData\Local\fcf616d8-cb7c-4317-b20a-18b489d0e6f9.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

I am sending the text from FRST.



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Taurus (30-12-2021 12:38:44)
Running from C:\Users\Taurus\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) (2020-08-10 19:29:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-440998740-4008055368-1726229258-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-440998740-4008055368-1726229258-503 - Limited - Disabled)
Guest (S-1-5-21-440998740-4008055368-1726229258-501 - Limited - Disabled)
Taurus (S-1-5-21-440998740-4008055368-1726229258-1001 - Administrator - Enabled) => C:\Users\Taurus
WDAGUtilityAccount (S-1-5-21-440998740-4008055368-1726229258-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ApowerEdit V1.6.1.8 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.6.1.8 - Apowersoft LIMITED)
Batman: Arkham City (HKLM-x32\...\Batman: Arkham City_is1) (Version: - )
Blackmagic RAW Common Components (HKLM\...\{C569CAEE-D0BF-45DE-833E-E97988B5CB8B}) (Version: 1.8 - Blackmagic Design)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.4.50.1009 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\BlueStacks X) (Version: 0.12.1.8 - BlueStack Systems, Inc.)
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5144 - Intel Corporation)
Intel(R) Virtual RAID on CPU (HKLM-x32\...\{fe14d5b2-aa03-4c4d-8458-f089749db800}) (Version: 6.2.0.1239 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.6.0.3 - IObit)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6127 - Realtek Semiconductor Corp.)
Roblox Player for Taurus (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\roblox-player) (Version: - Roblox Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Splinter Cell: Blacklist (HKLM-x32\...\Splinter Cell: Blacklist_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancys Splinter Cell Blacklist [1.03] (HKLM-x32\...\Tom Clancys Splinter Cell Blacklist_is1) (Version: - Ubisoft Toronto)
Train Simulator 2016 (HKLM-x32\...\Train Simulator 2016_is1) (Version: - )
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 124.3.10571 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Wargaming.net Game Center (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Wargaming.net Game Center) (Version: 21.8.2.7331 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Youtubers Life (HKLM-x32\...\Youtubers Life_is1) (Version: - )

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-03 18:26 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Taurus:.repos [2118]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9558]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-440998740-4008055368-1726229258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yandex.ru/?win=479&clid=2278150
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~2\IObit\ADVANC~1\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll => No File
Toolbar: HKLM-x32 - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-440998740-4008055368-1726229258-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-12-28 20:53 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\StartupFolder: => "9D55.exe"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "ut"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{9A68AE86-45D8-4F9F-A222-B321D0CB7064}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{1977A68E-3117-47D1-BE58-544DE965BA1F}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{4505D3C0-DB62-4897-A00B-EC6B6E11E22D}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{2D62C831-C06C-444D-A5F0-B1E0D94216BF}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AD35ABE4-7BCF-45E1-BFB6-297EBBF29AC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6105F22-4D56-4E58-A9F2-8ECD3FE59ADD}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{156FFDDC-CE9B-4507-8ED9-3246402080CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9270D77C-D4B4-41DA-AE99-39E640CE781F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{501B694E-9A88-4ECD-A1EE-EF0712524056}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31F663E4-A5BC-4F72-96A9-F2E4BEBA221F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE210F5-C7C7-4C59-A345-D4E1B07BF9FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) [File not signed]
FirewallRules: [{5CE27B86-9A93-4FC8-A83F-EBC06F9F1B65}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) [File not signed]
FirewallRules: [TCP Query User{D4BEF23F-03AD-420F-8E64-B1CA6B3EAFA3}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{8EC89896-C584-465C-A8FF-7C215960A857}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{7A783868-00CA-4A42-9ACC-F3F622E59AEE}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corporation) [File not signed]
FirewallRules: [UDP Query User{8160CE2B-FB43-41E5-B919-8C140C0D959A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corporation) [File not signed]
FirewallRules: [TCP Query User{0CC05DD9-390E-4CDC-99FF-934CED2A4290}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{2C6234FC-D256-4D84-94A7-3043CDC27087}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net) [File not signed]
FirewallRules: [{E34C9810-2457-409A-B850-B1C4C06BAD42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\shakesandfidget.exe () [File not signed]
FirewallRules: [{D8347724-C104-4916-81E6-966242AFA88C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shakes & Fidget\shakesandfidget.exe () [File not signed]
FirewallRules: [TCP Query User{83EBB2C2-26E3-4A29-9691-A3E0358FCB67}C:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) C:\games\batman - arkham city\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [UDP Query User{7DAD53C8-9292-4238-8D2A-9425AC17AA0A}C:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) C:\games\batman - arkham city\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{BD930F80-B4EA-4AF9-9102-AD92D52C68D6}C:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) C:\games\batman - arkham city\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [UDP Query User{92DACD70-B0E9-4E8A-A859-B86FE508C034}C:\games\batman - arkham city\binaries\win32\batmanac.exe] => (Allow) C:\games\batman - arkham city\binaries\win32\batmanac.exe (Rocksteady Studios Ltd.) [File not signed]
FirewallRules: [TCP Query User{1315CA18-42BD-4AB5-9929-F4D737E5692C}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{A6BF4695-9072-4FBA-B517-B1E8E50AA9F5}C:\program files\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{349C1293-6211-461A-9C15-F015EB08BF36}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{4E33C180-BDFB-4D57-BEFD-BF36A8EBCABB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{C9D0BEBE-67E1-4C0A-8C7F-C2448FDA8DB7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{39C0509E-2753-42A7-9D0C-3A04EA0D93F0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [TCP Query User{7C134FF5-02B1-451F-9D8B-D5B11C7B27DB}C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe => No File
FirewallRules: [UDP Query User{9E8ADDA2-F0B0-45BA-99EB-775845BEE1C2}C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe => No File
FirewallRules: [{773FA3F4-B48C-4F38-B305-56375971BF18}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) [File not signed]
FirewallRules: [{FFC4EF39-8025-4687-8606-943C05F31C01}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net) [File not signed]
FirewallRules: [{BE70BBC0-2670-473D-840A-C3B2AF10D2CA}] => (Allow) C:\Games\World_of_Warplanes\WorldOfWarplanes.exe => No File
FirewallRules: [{EA444AEF-BA38-4CAB-ACE5-15BB8CC97598}] => (Allow) C:\Games\World_of_Warplanes\WorldOfWarplanes.exe => No File
FirewallRules: [{398EF542-698C-40FC-8699-FBB6B8354DB1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{08BF0D8E-4688-4708-AB8C-33282BFBA818}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{C256CC04-52CC-40DC-9DEA-C2E05473381A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{A121CAA2-E378-4CD7-A124-EE635A63FCAA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [TCP Query User{D8CC171D-C9E8-4E63-AF4C-5D1B7B06244C}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{C66BA71F-54AC-4B4A-81C9-CC67F77D0733}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{56DC793D-5E76-4D7A-A090-E615C563D4F3}] => (Allow) C:\Users\Taurus\Desktop\4ukey-password-manager.exe => No File
FirewallRules: [{6F276EB3-1171-43AA-8B6C-729DFBCBF7AA}] => (Allow) C:\Users\Taurus\Desktop\4ukey-password-manager.exe => No File
FirewallRules: [TCP Query User{D57A4285-7818-4235-8AF5-F25FEE2DEAB5}C:\users\taurus\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\taurus\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FB03A18C-0C04-436C-BAD1-2981C19B09DF}C:\users\taurus\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\taurus\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{86F53DCC-9F6C-44C0-8AC0-1C6BF8C52C3D}C:\users\taurus\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\taurus\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{72B17763-742B-40B1-A269-15C413890A99}C:\users\taurus\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Allow) C:\users\taurus\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{455F5A1D-F8F7-49F0-82ED-5C256D949F1D}C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [UDP Query User{DFF4C241-3165-46AF-9D7F-0B93D9A354F2}C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [TCP Query User{A3D81961-11A6-45BA-BD35-360C37FB6810}C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1CBB3BC2-F9A8-4488-A568-C155482CB2BE}C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe => No File
FirewallRules: [{D307776E-0953-4C64-91E2-AD573EEAE405}] => (Allow) C:\Users\Taurus\Desktop\reiboot.exe => No File
FirewallRules: [{786BCA97-0BD4-4016-B63F-6ADAFBBD334F}] => (Allow) C:\Users\Taurus\Desktop\reiboot.exe => No File
FirewallRules: [TCP Query User{AB5E6394-AF2F-4A99-8A6D-FADF7F9BC1E1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{4C7854CD-36B9-4C91-B82D-4117D40C1D1B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{A75F791F-65A5-44F3-9BD4-D46601CFC4EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [{031C117B-21B0-49B1-8FD1-3F9EEDBA215A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [TCP Query User{62EB36C8-414E-4082-9E82-42EC5FCE735A}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{C2116DCD-90B0-4CC2-883D-7091EA76F861}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{84F51D1C-EB5A-419C-8505-B3517EE8B6DB}C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe => No File
FirewallRules: [UDP Query User{72A6DA29-C7DC-41AE-8004-4AE06FA282F1}C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe => No File
FirewallRules: [{735DDF1B-ED96-4A41-AE49-E2995582C82A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe => No File
FirewallRules: [{F0074B75-51C5-4146-A6E9-DCAC9EBD5F0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe => No File
FirewallRules: [TCP Query User{3EC9E8E8-1F29-46C9-9E53-C9529BBD8887}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{60381B66-789E-450E-BFBA-2F2DA0B03F57}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc.) [File not signed]
FirewallRules: [{D353F9CF-F94C-428D-9B77-526BB080264F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F9BF900A-69B4-4134-8556-4B687DE72954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{A60308DB-5F48-4E96-AE01-138B82922354}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\nmrih.exe () [File not signed]
FirewallRules: [{9B178E23-9224-4053-B71F-3E438A357CCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\nmrih\nmrih.exe () [File not signed]
FirewallRules: [{4C349DF4-4CEC-421C-AFB7-DB240527AB35}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{D21C791D-3C36-40BA-9D6B-DD85139EE7C6}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{76B72DE1-1134-4EE4-964F-69C9CE5085D1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{842B703B-C7F7-4CE7-815E-B89E3E3F5CB1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{15F40F64-44C0-47F1-9DBD-3956B046C211}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{5AAAF1C4-FF3E-4783-B59E-6210F1509E47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{1ADDE272-0C70-4DDA-9DEE-75CC62D5BEBB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{83AF2F7B-414E-4EB1-A9BE-65EF8A9AFFA7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [{F8FD6879-B135-4184-BC82-26D9F197DA72}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [{62C8C736-D2AD-4E1D-B28B-890D20EF5F61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-12-2021 13:44:34 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/30/2021 12:37:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.2810.9 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 154c

Čas spuštění: 01d7fd0c57b20338

Čas ukončení: 31

Cesta k aplikaci: C:\Users\Taurus\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe

ID hlášení: 2a42fe5d-5865-4ce3-aa10-90e4dfda082a

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/29/2021 05:46:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/28/2021 08:54:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: fd5220d4-f952-4dc7-ba38-e6dd123c205d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2021 08:54:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b04cbd07-c486-4634-a242-af74d93482d4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2021 08:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 109b8b0b-3005-49a0-94b7-84fd4b16b7ea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2021 08:53:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5c9c1540-a78e-414a-948f-782b13d0acc2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2021 08:53:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 325a036c-3971-44f8-8a3b-dd15d2b40482
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/28/2021 08:52:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RPWI3DvbJV7ZNi9zHgCceBCz.exe, verze: 52.0.0.0, časové razítko: 0x61ae1d96
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00fc45c7
ID chybujícího procesu: 0x1610
Čas spuštění chybující aplikace: 0x01d7fc246e1ff87d
Cesta k chybující aplikaci: C:\Users\Taurus\Pictures\Adobe Films\RPWI3DvbJV7ZNi9zHgCceBCz.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b9af7c52-10fa-41c1-9886-ad52973302e8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/30/2021 01:11:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H7620DS)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServicex bylo dosaženo časového limitu (45000 ms).

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServicey bylo dosaženo časového limitu (45000 ms).

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServicev bylo dosaženo časového limitu (45000 ms).

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServiceu bylo dosaženo časového limitu (45000 ms).

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServicet bylo dosaženo časového limitu (45000 ms).

Error: (12/28/2021 11:36:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AppServicew bylo dosaženo časového limitu (45000 ms).


Windows Defender:
================
Date: 2020-09-25 11:00:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Utorrent
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe; file:_C:\Users\Taurus\Desktop\µTorrent.lnk; process:_pid:10196,ProcessStart:132454849080306146; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:56:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Utorrent
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe; file:_C:\Users\Taurus\Desktop\µTorrent.lnk; process:_pid:10196,ProcessStart:132454849080306146; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Adware:MSIL/CsdiMonetize!MSR
Závažnost: Vysoké
Kategorie: Software placený zobrazováním reklamy
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\swdovzxL\MosnwzLRRx19.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ymacco.AA8B
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\rqcx1spbwq3\wyfdggm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ymacco.AAD3
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\3qmfw3vkjkx\ifhvvyy.exe; file:_C:\Users\Taurus\AppData\Local\Temp\fuimfk1fgog\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Event[0]:

Date: 2020-08-11 20:06:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.1158.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-12-16 22:18:33
Description:
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.

Date: 2021-08-26 11:44:04
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A15 02/02/2018
Motherboard: Dell Inc. 02YYK5
Processor: Intel(R) Core(TM) i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8100.14 MB
Available physical RAM: 4645.66 MB
Total Virtual: 12592.39 MB
Available Virtual: 8732.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.65 GB) (Free:190.97 GB) NTFS
Drive d: () (Removable) (Total:28.88 GB) (Free:28.87 GB) FAT32

\\?\Volume{0bc0bd82-37db-41d6-ae36-5ea087bc0ed5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: C6ABB2D7)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 7176D4B7)
Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#2 Post by JaRon »

Hi
Well, your machine is infected through and through :(
So if you favour quick fixes such as a fresh Windows install, do it now
Disinfection can take a while
- uninstall EVERYTHING from IOBit
- clean with Avptool KVRT
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#3 Post by Ríša »

Hello,

I ran the KVRT scan as you advised. It took me the whole day, but it's done.
You were right, the machine was totally infected. I think the result was around 262.
Thank you very much. The PC already runs better, but just to be sure I am sending the FRST and Addition logs once more for a check.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-12-2021
Ran by Taurus (administrator) on DESKTOP-H7620DS (Dell Inc. OptiPlex 7020) (31-12-2021 00:24:08)
Running from C:\Users\Taurus\Desktop
Loaded Profiles: Taurus
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\System32\OpenSSH\ssh-agent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <29>
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\imsctadn.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\msdtc.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\PerceptionSimulation\PerceptionSimulationService.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\Spectrum.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\vds.exe
(Microsoft Corporation) [File not signed] C:\Windows\System32\wbem\WmiApSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmptrap.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Realtek Semiconductor) [File not signed] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) [File not signed] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9790976 2020-08-25] (Realtek Semiconductor) [File not signed]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2052608 2020-08-25] (Realtek Semiconductor) [File not signed]
HKLM-x32\...\Run: [Genshin Impact Beta_Launcher] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [1324544 2013-05-30] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [uTorrent] => C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [ut] => C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-19] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34182656 2021-12-17] (Epic Games, Inc.) [File not signed]
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\MountPoints2: {5bcf3bb4-dccb-11ea-a38b-989096d10fc1} - "E:\Setup.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: CNMLMBV.DLL
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
Startup: C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe\9D55.exe [2021-12-28] (HP) [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0258E12B-DAE3-46B3-ACF1-1BADDCC300E8} - System32\Tasks\IAStorIcon => C:\Program Files\Intel\Intel(R) Virtual RAID on CPU\IAStorIcon.exe [290864 2019-09-24] (Intel(R) Virtual RAID On CPU -> Intel Corporation)
Task: {0858E665-F26D-4D5D-9F4A-30317D942787} - System32\Tasks\Uninstaller_SkipUac_Taurus => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [6041360 2020-07-08] (IObit Information Technology -> IObit)
Task: {24D759CE-44B9-4E24-A1D5-1B6FEA6A141B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-11-23] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {3CD4DAC7-7B83-445C-B9DB-2789AD180F67} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (No File)
Task: {79407824-5C4D-48A6-9C8C-82C7194EAD97} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {9AACE8B9-2998-4A88-BF50-93D005BAA188} - \Firefox Default Browser Agent A37A1D5DC15A18EF -> No File <==== ATTENTION
Task: {C3F14BD8-EE6B-4F1D-AA86-492B2ED78C69} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{0d54fff9-b1ca-4e67-9c51-9a0021df6c0e}: [DhcpNameServer] 62.129.50.20 85.135.32.100
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.100.2,1]

Edge:
=======
DownloadDir: C:\Users\Taurus\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-440998740-4008055368-1726229258-1001 -> hxxps://www.yandex.ru/?win=479&clid=2278150
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default [2021-12-31]
CHR DownloadDir: C:\Users\Taurus\Downloads
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (YouTube) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-10]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients24.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-09-21]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients57.google.com/service/update2/crx] <==== ATTENTION
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-11-27]
CHR Notifications: Profile 1 -> hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-09]
CHR Extension: (Dokumenty) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-09]
CHR Extension: (Disk Google) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-30]
CHR Extension: (Новости онлайн. Новости с доставкой) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beodcaglcadkdfgnlgdpcchgonahgpek [2021-03-01]
CHR Extension: (YouTube) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-09]
CHR Extension: (Tabulky) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-09]
CHR Extension: (Gifty Box) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffbpkekeilfbbedekpbdmmoocjfaakpm [2021-03-01]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients44.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30]
CHR Profile: C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-21]
CHR Extension: (YoutubeDownloader) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2021-12-16] [UpdateUrl:hxxps://clients14.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (d8yI+Hf7rX) - C:\Users\Taurus\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\oaalopfehfjhglmfgfccdekgfoegogeb [2020-09-09]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AppVClient; C:\Windows\system32\AppVClient.exe [1355776 2021-11-10] (Microsoft Corporation) [File not signed]
S2 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9422848 2021-03-05] () [File not signed]
R2 COMSysApp; C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [1249280 2020-10-15] (Microsoft Corporation) [File not signed]
R2 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [1330688 2021-11-10] (Microsoft Corporation) [File not signed]
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934368 2021-10-01] (Epic Games Inc. -> Epic Games, Inc.)
S2 Fax; C:\Windows\system32\fxssvc.exe [1240576 2021-02-12] (Microsoft Corporation) [File not signed]
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [156944 2020-07-08] (IObit Information Technology -> IObit)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8421888 2021-11-28] (Malwarebytes) [File not signed]
R2 MSDTC; C:\Windows\System32\msdtc.exe [1384960 2019-12-07] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 perceptionsimulation; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [1342464 2021-01-13] (Microsoft Corporation) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6656000 2021-12-16] (Microsoft Corporation) [File not signed]
R2 spectrum; C:\Windows\system32\spectrum.exe [1456128 2021-08-10] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5161984 2021-12-16] (Microsoft Corporation) [File not signed]
R2 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [1617920 2021-05-12] () [File not signed]
R2 vds; C:\Windows\System32\vds.exe [1319424 2021-09-14] (Microsoft Corporation) [File not signed]
R2 VSS; C:\Windows\system32\vssvc.exe [2084864 2021-11-10] (Microsoft Corporation) [File not signed]
S2 wbengine; C:\Windows\system32\wbengine.exe [2164736 2021-12-30] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\NisSrv.exe [2343112 2020-09-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MsMpEng.exe [128360 2020-09-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [1445888 2021-11-10] (Microsoft Corporation) [File not signed]
S2 AppServicea; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceb; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicec; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiced; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicee; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicef; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceg; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceh; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicei; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicej; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicek; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicel; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicem; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicen; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceo; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicep; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceq; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicer; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServices; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicet; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServiceu; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicev; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicew; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicex; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S2 AppServicey; C:\Windows\system32\XVUR0LIU9V.tmp [X] <==== ATTENTION
S3 Origin Client Service; "C:\Program Files (x86)\Origin\OriginClientService.exe" [X]
S2 Origin Web Helper Service; "C:\Program Files (x86)\Origin\OriginWebHelperService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320744 2021-11-23] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\drivers\droidcamvideo.sys [33784 2020-10-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [44104 2020-07-08] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37328 2020-07-08] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [49800 2020-07-08] (IObit Information Technology -> IObit)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-11-28] (Malwarebytes Inc -> Malwarebytes)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2020-09-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [428256 2020-09-22] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [69856 2020-09-22] (Microsoft Windows -> Microsoft Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2021-01-05] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation)
S3 cpuz145; \??\C:\Windows\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-31 00:24 - 2021-12-31 00:25 - 000020462 _____ C:\Users\Taurus\Desktop\FRST.txt
2021-12-31 00:23 - 2021-12-31 00:23 - 002311168 _____ (Farbar) C:\Users\Taurus\Desktop\FRST64.exe
2021-12-30 20:43 - 2021-12-30 20:43 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-30 17:04 - 2021-12-30 17:04 - 002164736 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2021-12-30 16:51 - 2021-12-30 16:51 - 000026816 _____ C:\Users\Taurus\Desktop\setříhání na YT.veg
2021-12-30 16:35 - 2021-12-30 16:35 - 000319720 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_7ab890d9a_klark.sys
2021-12-30 16:35 - 2021-12-30 16:35 - 000229248 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_7ab890d9a_mark.sys
2021-12-30 16:34 - 2021-12-31 00:05 - 000000000 ____D C:\KVRT2020_Data
2021-12-30 16:32 - 2021-12-30 16:33 - 111920128 _____ (AO Kaspersky Lab) C:\Users\Taurus\Desktop\KVRT.exe
2021-12-30 13:03 - 2021-12-30 20:23 - 000000000 ____D C:\Users\Taurus\Desktop\Na viry (forum)
2021-12-30 12:34 - 2021-12-31 00:24 - 000000000 ____D C:\FRST
2021-12-30 11:55 - 2021-12-30 11:55 - 000012320 _____ C:\Users\Taurus\AppData\Roaming\fcbc8b467ea1ddfb.bin
2021-12-28 23:49 - 2021-12-28 23:49 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\Z_Software GmbH
2021-12-28 23:09 - 2021-12-30 20:42 - 016252928 _____ C:\Windows\system32\config\SYSTEM
2021-12-28 23:09 - 2021-12-28 23:09 - 016252928 _____ C:\Windows\system32\config\BCD000000
2021-12-28 19:24 - 2021-12-28 19:24 - 000000000 ____D C:\Users\Taurus\AppData\Local\KC Quality Consult Ltd
2021-12-28 19:06 - 2021-12-28 23:33 - 000000000 __RHD C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe
2021-12-28 18:44 - 2021-12-28 18:44 - 000000000 _____ C:\Users\Taurus\AppData\Roaming\supra.exe
2021-12-28 18:43 - 2021-12-28 18:43 - 000000000 ____D C:\ProgramData\T2ZMO03X9ZY2BCQ31MWQY7DLZ
2021-12-28 18:41 - 2021-12-30 17:04 - 000000000 ___HD C:\Users\Taurus\AppData\Local\cache
2021-12-28 18:41 - 2021-12-28 19:06 - 000000000 ____D C:\Program Files (x86)\Company
2021-12-28 18:39 - 2021-12-28 23:33 - 000000000 ___HD C:\Users\Taurus\AppData\Roaming\16481079
2021-12-28 18:39 - 2021-12-28 18:39 - 000000000 ____D C:\ProgramData\SW4R25RDA6UJZWQNCAU6B8L1O
2021-12-28 18:37 - 2021-12-30 15:45 - 000000000 ____D C:\Users\Taurus\Downloads\Autobahn.Police.Simulator-RELOADED
2021-12-28 18:34 - 2021-12-30 15:46 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\uTorrent
2021-12-28 16:08 - 2021-12-28 23:32 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\IGDump
2021-12-27 16:49 - 2021-12-27 16:49 - 000393216 _____ C:\ProgramData\dccee.dll
2021-12-27 13:48 - 2021-12-27 14:32 - 000000000 ____D C:\Users\Taurus\AppData\Local\Roblox
2021-12-27 13:48 - 2021-12-27 13:58 - 000000252 _____ C:\Users\Taurus\AppData\LocalLow\rbxcsettings.rbx
2021-12-27 11:59 - 2021-12-27 11:59 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\Z-Software GmbH
2021-12-27 11:56 - 2021-12-30 20:23 - 000000000 ____D C:\Users\Taurus\Desktop\Autobahn Police Simulator 2
2021-12-22 17:08 - 2021-12-22 17:08 - 000000000 ____D C:\ProgramData\.mono
2021-12-22 17:04 - 2021-12-30 20:23 - 000000000 ____D C:\Users\Taurus\Desktop\CarX.Drift.Racing.Online.v1.0.3.Patch.1
2021-12-22 16:48 - 2021-12-22 16:48 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\CarX Technologies
2021-12-21 21:54 - 2021-12-21 21:54 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\U-Play online
2021-12-18 12:26 - 2021-12-18 12:26 - 000000270 __RSH C:\ProgramData\ntuser.pol
2021-12-16 22:34 - 2021-12-16 22:34 - 000781456 _____ C:\Users\Taurus\AppData\Local\fcf616d8-cb7c-4317-b20a-18b489d0e6f9.exe
2021-12-16 22:25 - 2021-12-16 22:25 - 000291476 _____ C:\Users\Taurus\AppData\LocalLow\8Syvpkyn004.zip
2021-12-16 22:08 - 2021-12-16 22:08 - 000000000 ____D C:\Users\Taurus\AppData\Local\mbam
2021-12-16 21:32 - 2021-12-16 21:32 - 000781456 _____ C:\Users\Taurus\AppData\Local\0618ad50-7012-45b0-9195-c4aa07e58317.exe
2021-12-16 21:30 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Local\Driver package
2021-12-16 21:20 - 2021-12-16 21:20 - 000000000 ____D C:\Users\Taurus\AppData\Local\WinDate
2021-12-16 21:12 - 2021-12-16 21:12 - 000000000 ____D C:\Windows\SystemTemp
2021-12-16 21:09 - 2021-12-16 21:09 - 000000000 ____D C:\ProgramData\A3SWD714T8NFW2JTP9A3N3HXY
2021-12-16 21:08 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Local\The Unspoken Vision
2021-12-16 21:07 - 2021-12-16 22:52 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Sysfiles
2021-12-16 21:06 - 2021-12-16 22:52 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\hJ0aK0
2021-12-16 21:06 - 2021-12-16 21:06 - 000232782 _____ C:\Users\Taurus\AppData\LocalLow\BfaGLZcxr6X.zip
2021-12-16 21:06 - 2021-12-16 21:06 - 000000000 ____D C:\Users\Taurus\AppData\LocalLow\discord_files
2021-12-16 21:04 - 2021-12-16 22:56 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\neofed
2021-12-16 21:04 - 2021-12-16 21:04 - 000000000 ____D C:\Users\Taurus\AppData\Local\Calculator
2021-12-16 21:04 - 2021-12-16 21:04 - 000000000 ____D C:\Users\Taurus\AppData\Local\AdvinstAnalytics
2021-12-16 21:02 - 2021-12-16 21:02 - 000000000 ____D C:\Program Files\Common Files\DKKCWOYYBD
2021-12-16 21:01 - 2021-12-16 21:01 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\{FBBC91BE-3FE9-4FDF-99EA-8DE339E10101}
2021-12-16 21:00 - 2021-12-16 21:07 - 000000000 ____D C:\ProgramData\PHM28YD1YL9D1Z23FZSORAZ6D
2021-12-16 21:00 - 2021-12-16 21:07 - 000000000 ____D C:\ProgramData\64WRJ003P3BPF5Z5DUIAJ3200
2021-12-16 21:00 - 2021-12-16 21:06 - 000000000 ____D C:\ProgramData\Y31B5TKSOTLW1Q2ML0G6XPZUP
2021-12-16 21:00 - 2021-12-16 21:00 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\ProfCleaner
2021-12-16 21:00 - 2021-12-16 21:00 - 000000000 ____D C:\Users\Taurus\AppData\Local\Yandex
2021-12-16 17:43 - 2021-12-16 17:43 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-12-16 17:43 - 2021-12-16 17:43 - 000011979 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-12-16 17:42 - 2021-12-16 17:42 - 005161984 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2021-12-16 17:42 - 2021-12-16 17:42 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-12-16 17:42 - 2021-12-16 17:42 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-12-16 17:10 - 2021-12-16 17:10 - 000000000 ___HD C:\$WinREAgent
2021-12-04 11:45 - 2021-12-04 11:45 - 000226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2021-12-01 17:34 - 2021-12-04 16:28 - 000000000 ____D C:\Users\Taurus\AppData\Local\Riot Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-30 23:57 - 2020-08-10 21:23 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-30 23:52 - 2021-02-15 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2021-12-30 23:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-30 23:05 - 2021-11-29 13:32 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2021-12-30 21:26 - 2021-11-29 13:29 - 000000000 ____D C:\Program Files (x86)\BlueStacks X
2021-12-30 21:25 - 2020-08-10 21:21 - 000000000 ____D C:\Program Files\WinRAR
2021-12-30 20:44 - 2020-08-10 20:39 - 000000000 __SHD C:\Users\Taurus\IntelGraphicsProfiles
2021-12-30 20:43 - 2020-08-10 21:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-30 20:43 - 2020-08-10 21:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-30 20:43 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration
2021-12-30 20:42 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-30 20:23 - 2021-11-29 13:32 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2021-12-30 20:23 - 2021-03-07 12:42 - 000000000 ____D C:\Users\Taurus\Desktop\Joos' - Jurassic Park Operation Genesis
2021-12-30 20:23 - 2021-01-05 13:58 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\NoxSrv
2021-12-30 17:10 - 2020-08-10 20:33 - 001697062 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-30 17:10 - 2019-12-07 15:43 - 000717928 _____ C:\Windows\system32\perfh005.dat
2021-12-30 17:10 - 2019-12-07 15:43 - 000145604 _____ C:\Windows\system32\perfc005.dat
2021-12-30 17:10 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-30 17:04 - 2021-01-22 09:18 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-12-30 16:58 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-12-30 16:49 - 2021-08-31 19:56 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2021-12-30 16:41 - 2020-08-10 20:47 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-30 16:24 - 2020-08-29 22:20 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\.tlauncher
2021-12-30 16:15 - 2021-05-13 13:55 - 000001944 _____ C:\Users\Taurus\Desktop\TLauncher.lnk
2021-12-30 15:46 - 2020-09-11 13:55 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\uTorrent
2021-12-30 00:50 - 2020-08-29 22:19 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\.minecraft
2021-12-28 23:08 - 2020-08-10 20:37 - 000000000 ____D C:\Users\Taurus
2021-12-28 21:15 - 2020-09-11 16:49 - 000000000 ____D C:\Games
2021-12-28 20:54 - 2021-11-30 16:08 - 000000000 ____D C:\Users\Taurus\AppData\Local\CrashDumps
2021-12-28 19:07 - 2020-08-11 00:12 - 000000000 ____D C:\ProgramData\ProductData
2021-12-28 18:44 - 2021-11-28 21:10 - 000000000 ____D C:\Users\Taurus\AppData\Local\BitTorrentHelper
2021-12-28 16:21 - 2020-08-24 14:12 - 000000000 ____D C:\ProgramData\Riot Games
2021-12-27 13:49 - 2020-09-18 13:49 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-12-25 14:30 - 2020-10-13 11:30 - 000000000 ____D C:\Users\Taurus\Desktop\Pro fb a rekt
2021-12-23 09:43 - 2020-10-14 16:24 - 000000000 ____D C:\Users\Taurus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-12-23 09:38 - 2021-11-29 20:40 - 000000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2021-12-21 22:17 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-21 22:17 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-16 21:16 - 2020-08-10 21:23 - 000409232 _____ C:\Windows\system32\FNTCACHE.DAT
2021-12-16 21:12 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-12-16 21:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-12-16 17:57 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-16 17:05 - 2020-10-29 10:03 - 000000000 ____D C:\Windows\system32\MRT
2021-12-16 17:02 - 2020-10-29 10:02 - 137938848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-12-16 06:23 - 2020-08-10 20:48 - 000002301 _____ C:\Users\Taurus\Desktop\Google Chrome.lnk
2021-12-15 17:02 - 2021-11-26 18:21 - 000000000 ____D C:\Users\Taurus\AppData\Local\GameAnalytics
2021-12-15 15:24 - 2021-11-07 21:45 - 000000000 ____D C:\Users\Taurus\Desktop\Blbůstky
2021-12-10 22:32 - 2021-05-27 05:56 - 000000000 ____D C:\Program Files\Epic Games
2021-12-09 18:33 - 2020-08-10 23:16 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-05 21:17 - 2021-11-21 13:33 - 000000000 ____D C:\Users\Taurus\Desktop\Wojta
2021-12-05 21:17 - 2021-10-24 20:12 - 000000000 ____D C:\Users\Taurus\Desktop\RANDOM VIDEA NA SETŘÍHÁNÍ
2021-12-04 16:28 - 2021-10-25 19:14 - 000001491 _____ C:\Users\Taurus\Desktop\Riot Client.lnk

==================== Files in the root of some directories ========

2021-12-27 16:49 - 2021-12-27 16:49 - 000393216 _____ () C:\ProgramData\dccee.dll
2021-09-19 21:02 - 2021-09-19 21:02 - 000000025 _____ () C:\Users\Taurus\AppData\Roaming\alsoft.ini
2021-06-09 15:05 - 2021-06-09 15:05 - 000264192 _____ () C:\Users\Taurus\AppData\Roaming\cfwtsti
2020-08-14 20:33 - 2020-08-28 14:46 - 000028672 _____ () C:\Users\Taurus\AppData\Roaming\crash.bin
2021-12-30 11:55 - 2021-12-30 11:55 - 000012320 _____ () C:\Users\Taurus\AppData\Roaming\fcbc8b467ea1ddfb.bin
2020-11-13 08:26 - 2020-11-13 08:26 - 000320202 ___SH () C:\Users\Taurus\AppData\Roaming\fvcdfvw
2021-06-09 15:05 - 2021-06-09 15:05 - 000339456 _____ () C:\Users\Taurus\AppData\Roaming\fwwtsti
2021-06-09 15:05 - 2021-06-09 15:05 - 000307712 _____ () C:\Users\Taurus\AppData\Roaming\iswtsti
2020-10-19 12:48 - 2021-02-14 22:25 - 000000209 _____ () C:\Users\Taurus\AppData\Roaming\jjv5conf.json
2021-02-18 21:42 - 2021-02-18 22:40 - 000000096 _____ () C:\Users\Taurus\AppData\Roaming\LauncherSettings_live.cfg
2021-01-26 09:50 - 2021-01-26 09:50 - 000000015 _____ () C:\Users\Taurus\AppData\Roaming\obs-virtualcam.txt
2021-06-09 15:05 - 2021-06-09 15:05 - 000248375 ___SH () C:\Users\Taurus\AppData\Roaming\rdhrbuf
2021-12-28 18:44 - 2021-12-28 18:44 - 000000000 _____ () C:\Users\Taurus\AppData\Roaming\supra.exe
2021-08-27 15:09 - 2021-08-27 15:09 - 000019852 _____ () C:\Users\Taurus\AppData\Roaming\Microsoft\CharGlobal
2021-12-16 21:32 - 2021-12-16 21:32 - 000781456 _____ () C:\Users\Taurus\AppData\Local\0618ad50-7012-45b0-9195-c4aa07e58317.exe
2021-12-16 22:34 - 2021-12-16 22:34 - 000781456 _____ () C:\Users\Taurus\AppData\Local\fcf616d8-cb7c-4317-b20a-18b489d0e6f9.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\dllhost.exe
[2020-10-15 15:03] - [2020-10-15 15:03] - 001249280 _____ (Microsoft Corporation) 62D0B370547E631A9835000FA5A1C85A

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2021
Ran by Taurus (31-12-2021 00:26:11)
Running from C:\Users\Taurus\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1415 (X64) (2020-08-10 19:29:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-440998740-4008055368-1726229258-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-440998740-4008055368-1726229258-503 - Limited - Disabled)
Guest (S-1-5-21-440998740-4008055368-1726229258-501 - Limited - Disabled)
Taurus (S-1-5-21-440998740-4008055368-1726229258-1001 - Administrator - Enabled) => C:\Users\Taurus
WDAGUtilityAccount (S-1-5-21-440998740-4008055368-1726229258-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\uTorrent) (Version: 3.5.5.46096 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
ApowerEdit V1.6.1.8 (HKLM-x32\...\{3089CCCD-BC5F-4309-A3C1-45B5ACA7A5E7}_is1) (Version: 1.6.1.8 - Apowersoft LIMITED)
Batman: Arkham City (HKLM-x32\...\Batman: Arkham City_is1) (Version: - )
Blackmagic RAW Common Components (HKLM\...\{C569CAEE-D0BF-45DE-833E-E97988B5CB8B}) (Version: 1.8 - Blackmagic Design)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.4.50.1009 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\BlueStacks X) (Version: 0.12.1.8 - BlueStack Systems, Inc.)
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 22.9 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5144 - Intel Corporation)
Intel(R) Virtual RAID on CPU (HKLM-x32\...\{fe14d5b2-aa03-4c4d-8458-f089749db800}) (Version: 6.2.0.1239 - Intel Corporation)
IObit Uninstaller 9 (HKLM-x32\...\IObitUninstall) (Version: 9.6.0.3 - IObit)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Malwarebytes version 4.4.10.144 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.10.144 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30133 (HKLM-x32\...\{38b2c744-ad08-4d5b-91a2-3fb6f739ff3e}) (Version: 14.29.30133.0 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6127 - Realtek Semiconductor Corp.)
Roblox Player for Taurus (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\roblox-player) (Version: - Roblox Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Splinter Cell: Blacklist (HKLM-x32\...\Splinter Cell: Blacklist_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tom Clancys Splinter Cell Blacklist [1.03] (HKLM-x32\...\Tom Clancys Splinter Cell Blacklist_is1) (Version: - Ubisoft Toronto)
Train Simulator 2016 (HKLM-x32\...\Train Simulator 2016_is1) (Version: - )
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 124.3.10571 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Vegas Pro 13.0 (64-bit) (HKLM-x32\...\Vegas Pro 13.0 (64-bit)) (Version: 13.0 (64-bit) - Exµs ™)
Wargaming.net Game Center (HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\Wargaming.net Game Center) (Version: 21.8.2.7331 - Wargaming.net)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Youtubers Life (HKLM-x32\...\Youtubers Life_is1) (Version: - )

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-08-11] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-440998740-4008055368-1726229258-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers1: [AIMPClassic] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [SmartGameBoosterMenu] -> {96C86AD1-055D-457D-9C00-0D4A91ECF1B4} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64.dll -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2020-10-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-08] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-06-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2019-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2019-08-30] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-03 18:26 - 2013-01-24 15:24 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Taurus:.repos [2118]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [9558]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-440998740-4008055368-1726229258-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yandex.ru/?win=479&clid=2278150
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: No Name -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> No File
BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\PROGRA~2\IObit\ADVANC~1\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll => No File
Toolbar: HKLM-x32 - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-440998740-4008055368-1726229258-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-12-28 20:53 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\StartupFolder: => "9D55.exe"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-440998740-4008055368-1726229258-1001\...\StartupApproved\Run: => "ut"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{9A68AE86-45D8-4F9F-A222-B321D0CB7064}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [UDP Query User{1977A68E-3117-47D1-BE58-544DE965BA1F}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{4505D3C0-DB62-4897-A00B-EC6B6E11E22D}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{2D62C831-C06C-444D-A5F0-B1E0D94216BF}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{AD35ABE4-7BCF-45E1-BFB6-297EBBF29AC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{C6105F22-4D56-4E58-A9F2-8ECD3FE59ADD}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Editor Pro\Video Editor Pro.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{156FFDDC-CE9B-4507-8ED9-3246402080CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9270D77C-D4B4-41DA-AE99-39E640CE781F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{501B694E-9A88-4ECD-A1EE-EF0712524056}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{31F663E4-A5BC-4F72-96A9-F2E4BEBA221F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5AE210F5-C7C7-4C59-A345-D4E1B07BF9FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) [File not signed]
FirewallRules: [{5CE27B86-9A93-4FC8-A83F-EBC06F9F1B65}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation) [File not signed]
FirewallRules: [TCP Query User{D4BEF23F-03AD-420F-8E64-B1CA6B3EAFA3}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{8EC89896-C584-465C-A8FF-7C215960A857}C:\users\taurus\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\taurus\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{0CC05DD9-390E-4CDC-99FF-934CED2A4290}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{2C6234FC-D256-4D84-94A7-3043CDC27087}C:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net) [File not signed]
FirewallRules: [{349C1293-6211-461A-9C15-F015EB08BF36}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{4E33C180-BDFB-4D57-BEFD-BF36A8EBCABB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{C9D0BEBE-67E1-4C0A-8C7F-C2448FDA8DB7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [{39C0509E-2753-42A7-9D0C-3A04EA0D93F0}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe => No File
FirewallRules: [TCP Query User{7C134FF5-02B1-451F-9D8B-D5B11C7B27DB}C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe => No File
FirewallRules: [UDP Query User{9E8ADDA2-F0B0-45BA-99EB-775845BEE1C2}C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe] => (Allow) C:\program files (x86)\r.g. mechanics\medal of honor warfighter\mohw.exe => No File
FirewallRules: [{BE70BBC0-2670-473D-840A-C3B2AF10D2CA}] => (Allow) C:\Games\World_of_Warplanes\WorldOfWarplanes.exe => No File
FirewallRules: [{EA444AEF-BA38-4CAB-ACE5-15BB8CC97598}] => (Allow) C:\Games\World_of_Warplanes\WorldOfWarplanes.exe => No File
FirewallRules: [{398EF542-698C-40FC-8699-FBB6B8354DB1}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{08BF0D8E-4688-4708-AB8C-33282BFBA818}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe => No File
FirewallRules: [{C256CC04-52CC-40DC-9DEA-C2E05473381A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [{A121CAA2-E378-4CD7-A124-EE635A63FCAA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe => No File
FirewallRules: [TCP Query User{D8CC171D-C9E8-4E63-AF4C-5D1B7B06244C}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{C66BA71F-54AC-4B4A-81C9-CC67F77D0733}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{56DC793D-5E76-4D7A-A090-E615C563D4F3}] => (Allow) C:\Users\Taurus\Desktop\4ukey-password-manager.exe => No File
FirewallRules: [{6F276EB3-1171-43AA-8B6C-729DFBCBF7AA}] => (Allow) C:\Users\Taurus\Desktop\4ukey-password-manager.exe => No File
FirewallRules: [TCP Query User{455F5A1D-F8F7-49F0-82ED-5C256D949F1D}C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [UDP Query User{DFF4C241-3165-46AF-9D7F-0B93D9A354F2}C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\taurus\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe => No File
FirewallRules: [TCP Query User{A3D81961-11A6-45BA-BD35-360C37FB6810}C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe => No File
FirewallRules: [UDP Query User{1CBB3BC2-F9A8-4488-A568-C155482CB2BE}C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\drug dealer simulator free sample\drugdealersimfs\binaries\win64\drugdealersimulator-win64-shipping.exe => No File
FirewallRules: [{D307776E-0953-4C64-91E2-AD573EEAE405}] => (Allow) C:\Users\Taurus\Desktop\reiboot.exe => No File
FirewallRules: [{786BCA97-0BD4-4016-B63F-6ADAFBBD334F}] => (Allow) C:\Users\Taurus\Desktop\reiboot.exe => No File
FirewallRules: [TCP Query User{AB5E6394-AF2F-4A99-8A6D-FADF7F9BC1E1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [UDP Query User{4C7854CD-36B9-4C91-B82D-4117D40C1D1B}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe => No File
FirewallRules: [{A75F791F-65A5-44F3-9BD4-D46601CFC4EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [{031C117B-21B0-49B1-8FD1-3F9EEDBA215A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\OpenTTD\openttd.exe (OpenTTD Development Team) [File not signed]
FirewallRules: [TCP Query User{62EB36C8-414E-4082-9E82-42EC5FCE735A}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [UDP Query User{C2116DCD-90B0-4CC2-883D-7091EA76F861}C:\program files (x86)\city car driving\bin\win32\starter.exe] => (Allow) C:\program files (x86)\city car driving\bin\win32\starter.exe => No File
FirewallRules: [TCP Query User{84F51D1C-EB5A-419C-8505-B3517EE8B6DB}C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe => No File
FirewallRules: [UDP Query User{72A6DA29-C7DC-41AE-8004-4AE06FA282F1}C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe] => (Allow) C:\users\taurus\desktop\police simulator patrol officers\boston\binaries\win64\boston-win64-shipping.exe => No File
FirewallRules: [{735DDF1B-ED96-4A41-AE49-E2995582C82A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe => No File
FirewallRules: [{F0074B75-51C5-4146-A6E9-DCAC9EBD5F0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gas Station Simulator - Early Days\GSS2.exe => No File
FirewallRules: [{D353F9CF-F94C-428D-9B77-526BB080264F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F9BF900A-69B4-4134-8556-4B687DE72954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{76B72DE1-1134-4EE4-964F-69C9CE5085D1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (BlueStack Systems) [File not signed]
FirewallRules: [{842B703B-C7F7-4CE7-815E-B89E3E3F5CB1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{15F40F64-44C0-47F1-9DBD-3956B046C211}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe => No File
FirewallRules: [{5AAAF1C4-FF3E-4783-B59E-6210F1509E47}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{1ADDE272-0C70-4DDA-9DEE-75CC62D5BEBB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe => No File
FirewallRules: [{83AF2F7B-414E-4EB1-A9BE-65EF8A9AFFA7}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [{F8FD6879-B135-4184-BC82-26D9F197DA72}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe => No File
FirewallRules: [{62C8C736-D2AD-4E1D-B28B-890D20EF5F61}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/30/2021 08:46:29 PM) (Source: MSDTC) (EventID: 4437) (User: )
Description: Účet, pod kterým je služba MS DTC spuštěná, je neplatný. Tato situace může nastat v případě, že se informace o účtu služby změnily pomocí modulu snap-in Služby v konzole Microsoft Management Console (MMC). Služba MS DTC se bude dál spouštět. Zajistěte aktualizaci informací o účtu služby MS DTC pomocí nástroje Component Services Explorer.

Error: (12/30/2021 05:07:28 PM) (Source: MSDTC) (EventID: 4437) (User: )
Description: Účet, pod kterým je služba MS DTC spuštěná, je neplatný. Tato situace může nastat v případě, že se informace o účtu služby změnily pomocí modulu snap-in Služby v konzole Microsoft Management Console (MMC). Služba MS DTC se bude dál spouštět. Zajistěte aktualizaci informací o účtu služby MS DTC pomocí nástroje Component Services Explorer.

Error: (12/30/2021 04:27:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.2810.9 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1508

Čas spuštění: 01d7fd9146197e8d

Čas ukončení: 91

Cesta k aplikaci: C:\Users\Taurus\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe

ID hlášení: 67722d20-6d11-4a15-8fcc-2b1362a9c9c2

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/30/2021 04:15:27 PM) (Source: MSDTC) (EventID: 4437) (User: )
Description: Účet, pod kterým je služba MS DTC spuštěná, je neplatný. Tato situace může nastat v případě, že se informace o účtu služby změnily pomocí modulu snap-in Služby v konzole Microsoft Management Console (MMC). Služba MS DTC se bude dál spouštět. Zajistěte aktualizaci informací o účtu služby MS DTC pomocí nástroje Component Services Explorer.

Error: (12/30/2021 04:14:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.2810.9 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1d0c

Čas spuštění: 01d7fd8fd8eff4dd

Čas ukončení: 48

Cesta k aplikaci: C:\Users\Taurus\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe

ID hlášení: 3b4a741f-87e8-439c-8baa-90c9195d9163

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/30/2021 04:13:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.2810.9 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 4f4

Čas spuštění: 01d7fd8f88065c38

Čas ukončení: 141

Cesta k aplikaci: C:\Users\Taurus\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe

ID hlášení: e408e2eb-3e97-44c9-aa84-f6b867d8ea2f

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/30/2021 12:37:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program javaw.exe verze 8.0.2810.9 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 154c

Čas spuštění: 01d7fd0c57b20338

Čas ukončení: 31

Cesta k aplikaci: C:\Users\Taurus\AppData\Roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe

ID hlášení: 2a42fe5d-5865-4ce3-aa10-90e4dfda082a

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/29/2021 05:46:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (12/30/2021 11:59:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 11:54:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 11:50:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 11:17:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 11:11:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 11:02:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 10:55:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.

Error: (12/30/2021 10:50:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Ochrana softwaru neuspěla při spuštění v důsledku následující chyby:
V systému Windows nelze ověřit digitální podpis tohoto souboru. Při nedávné změně hardwaru nebo softwaru mohl být nainstalován nesprávně podepsaný nebo poškozený soubor nebo soubor škodlivého softwaru z neznámého zdroje.


Windows Defender:
================
Date: 2020-09-25 11:00:36
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Utorrent
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe; file:_C:\Users\Taurus\Desktop\µTorrent.lnk; process:_pid:10196,ProcessStart:132454849080306146; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel:
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:56:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Utorrent
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk; file:_C:\Users\Taurus\AppData\Roaming\uTorrent\uTorrent.exe; file:_C:\Users\Taurus\Desktop\µTorrent.lnk; process:_pid:10196,ProcessStart:132454849080306146; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; regkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent; runkey:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\uTorrent; uninstall:_HKCU@S-1-5-21-440998740-4008055368-1726229258-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\uTorrent
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Adware:MSIL/CsdiMonetize!MSR
Závažnost: Vysoké
Kategorie: Software placený zobrazováním reklamy
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\swdovzxL\MosnwzLRRx19.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:57
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ymacco.AA8B
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\rqcx1spbwq3\wyfdggm.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5

Date: 2020-09-25 10:47:41
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ymacco.AAD3
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Taurus\AppData\Local\Temp\3qmfw3vkjkx\ifhvvyy.exe; file:_C:\Users\Taurus\AppData\Local\Temp\fuimfk1fgog\ifhvvyy.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Verze bezpečnostních informací: AV: 1.323.1852.0, AS: 1.323.1852.0, NIS: 1.323.1852.0
Verze modulu: AM: 1.1.17400.5, NIS: 1.1.17400.5
Event[0]:

Date: 2020-08-11 20:06:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.1158.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2021-12-31 00:25:42
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sppsvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-12-31 00:24:47
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\BattlEye\BEService.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-12-30 23:59:43
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sppsvc.exe because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Dell Inc. A15 02/02/2018
Motherboard: Dell Inc. 02YYK5
Processor: Intel(R) Core(TM) i3-4150 CPU @ 3.50GHz
Percentage of memory in use: 51%
Total physical RAM: 8100.14 MB
Available physical RAM: 3942.5 MB
Total Virtual: 9444.14 MB
Available Virtual: 5157.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.65 GB) (Free:216.89 GB) NTFS
Drive d: () (Removable) (Total:28.88 GB) (Free:28.87 GB) FAT32

\\?\Volume{0bc0bd82-37db-41d6-ae36-5ea087bc0ed5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: C6ABB2D7)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 28.9 GB) (Disk ID: 7176D4B7)
Partition 1: (Not Active) - (Size=28.9 GB) - (Type=0C)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#4 Post by JaRon »

It's noticeably better, BUT:
I still see IOBit there :!:
as a precaution, uninstall Java as well
clean the PC with AdwCleaner and post the log here :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#5 Post by Ríša »

Fine, I'm very glad about that.
Oh, and the thing is, if by IObit you mean IObit Uninstaller, that is my only application for uninstalling games and I don't know what else. And about Java, that is exactly what I need to install right now, otherwise I can't play one game. And it just won't install back for me now. What would you advise me, please? Thank you in advance.

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#6 Post by JaRon »

I would not put ANYTHING from IOBit on a PC :!:
I recommend cleaning the PC with CCleaner, including the registry
Restart
you can then install Java from www.java.com

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#7 Post by Ríša »

All right, thank you, here is the log from AdwCleaner.


# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-31-2021
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 28
# Failed: 0


***** [ Services ] *****

Deleted AppServiceb

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\Users\Taurus\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\Taurus\AppData\Roaming\SysFiles
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\DFE38A35C1FBAEDA8A2E4B759D217A6A
Deleted HKCU\Software\IObit\Advanced SystemCare
Deleted HKCU\Software\Microsoft\Etsy
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4141 octets] - [31/12/2021 13:00:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#8 Post by JaRon »

Another step in the right direction :James008:

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#9 Post by Ríša »

Great. :idea:
But I have one more problem here. Actually, there are a few more of them :(
1. I want to play a game. But to be able to play it, I need to download Steam and then the game. However, the game won't update and it tells me that the update files are corrupted. Do you know what to do about that, please?
2. The next thing. I still can't install Java. It tells me that it is not installed and that there is some error 1601.
I'm sending a screenshot.
3. After I cleaned the PC, a text appeared at the bottom of the screen that is stuck and shows everywhere, as if it were some kind of watermark. The text is: "activate Windows, go to Settings and activate Windows".

Thank you very much.
Attachments
Java Setup - Incomplete 01.01.2022 20_23_06.png (17.99 KiB) Viewed 1021 times

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#10 Post by JaRon »

Definitely start with point 3
In the Windows product key box, enter the characters from the sticker on the PC, with the help of MS support if necessary
After uninstalling, Java should install

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#11 Post by Ríša »

Hello, I started with point 3 right away as you advised, but when I go to Settings, Windows Update is there and it keeps loading, so I can't get to the Activation category, and because it keeps loading I can't get anywhere else either, and then Settings closes. And it's like this all the time.

As for the Windows MS support and so on that you wrote about, I didn't quite understand that; I have absolutely no idea how to get there or which Windows box you mean. I'm sorry, but I don't understand.

And as for Java, it really doesn't work; I uninstalled it and now it can't be put back, it keeps telling me there is some error 1601 and that it was not installed.

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#12 Post by JaRon »

As for Java, try applying point 13 https://tipsmake.com/how-to-fix-the-err ... stall-java
Regarding Windows - is that OS legal :???:

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#13 Post by Ríša »

Well, nothing from that page that I tried works, unfortunately. And as for Windows, I found it on Google, then I downloaded it, copied it to a flash drive, then downloaded it onto this computer and entered the key that was on the computer. It just occurred to me now that it would probably be good to start EVERYTHING OVER, the system I mean. Reset it to factory settings.

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check - suspected virus (hack)(er)?

#14 Post by JaRon »

Activation https://pptechnews.com/how-to/how-to-ac ... indows-10/
If you have the key from the box, there should be no problem

Ríša
Visitor
Posts: 8
Registered: 30 Dec 2021 12:18

Re: Please check - suspected virus (hack)(er)?

#15 Post by Ríša »

Hello.
Well, my Settings still doesn't work; when I go to Windows Update it loads for, say, 2 to maybe 4 minutes and then Settings crashes. Settings always opens on the Windows Update category and then it can't be switched to, for example, Activation. As for Java, I still can't manage to install it and it keeps showing me that error (that it was not installed, and the number 1601). But oh well, unfortunately I will probably have to reset it to factory settings. And I hope the registry will then be fine, that Java can be installed, and that the one game I want to play will work too.
Well, it's a lot, so I hope it will work afterwards and that I won't be doing it for nothing. And that's probably everything. Otherwise, thank you for the help. Thanks to you I found out about good antivirus applications :) and you helped me speed the computer up somewhat, remove the viruses, etc. :idea:
So thank you, and I wish you a nice rest of the day. :worship:

Locked