Preventive check - not checked for a long time

Lorganification
Visitor
Posts: 10
Registered: 14 Sep 2021 10:34

#1 Post by Lorganification »

Hi there :-)

It's been a long time since I last had a log checked here (I used to have a different account and you helped me a lot here, but that one has vanished into the dustbin of history xD), so it occurred to me that I'd like to ask for a check :worship:

FRST.txt here

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
Ran by X230 (administrator) on DESKTOP-KNL8DH0 (LENOVO 2325VJV) (30-03-2023 14:13:51)
Running from C:\Users\X230\Desktop
Loaded Profiles: X230
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\X230\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tpnumlkd.exe
(DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FN32EE~1.INF\driver\tposd.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Trafficreg Software) [File not signed] C:\Program Files\TMeter\TrafSvc.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617880 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [220056 2023-03-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TrafMonitor] => C:\Program Files\TMeter\trafmonitor.exe [550400 2018-03-04] () [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5704656 2023-03-21] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [Microsoft Edge Update] => C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\MicrosoftEdgeUpdateCore.exe [263648 2023-03-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\MountPoints2: {887ba6e6-1213-11ec-b4c4-2cd05a7fe6a2} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4055952 2023-03-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.147\Installer\chrmstp.exe [2023-03-29] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FBFACBC-98F7-4129-8E24-BF2E605DBC6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
Task: {1B5D9D24-638A-4CA0-BCD7-3983D608214E} - System32\Tasks\CCleanerSkipUAC - X230 => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2C846061-65C6-4667-A1EA-B3D56B2340BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
Task: {2EA0419D-729A-4408-BDBD-48AA06CA7970} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3269600821-496837758-4138566819-1001Core => C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {376EDD45-456C-45D2-B166-B9E25A9A73B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {45F4698D-D292-4E36-8BE8-EF1C4DF0E6A2} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-05] (Lenovo -> )
Task: {4BA98C3B-E7D9-4437-9A07-26D6BC763A52} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {57F912B8-6AC0-4FEF-9DC0-15BC907011DB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "f369150a-2f54-41e5-8f3b-05139d7f4726" --version "6.09.10300" --silent
Task: {5C25C2A1-8B52-4A8C-A3F5-CC91069B8FB9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {7244790E-DD85-4F0D-9912-91FF836522EA} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe (No File)
Task: {7282EC2A-43CF-4494-93AA-AC24A8BC56BD} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-03-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {833F7938-2948-4596-BF71-76810AB5B994} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5000600 2023-03-16] (Avast Software s.r.o. -> AVAST Software)
Task: {926C4A5E-A7C8-4C34-AA40-DCB36BEE19AA} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129016 2022-12-05] (Lenovo -> Lenovo)
Task: {B2F04EFA-6646-4F94-9A1C-7CADF6D55035} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3269600821-496837758-4138566819-1001UA => C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C02C6542-F1E8-4454-AC45-98827C1C3360} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {C3BBF21D-C392-4935-826D-905F84FD7666} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3269600821-496837758-4138566819-1001 => C:\Users\X230\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {D9391932-5463-417A-BE2F-FA0C89D317B5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-03-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {E28B1C7D-860A-4EE3-917C-C359E47F94B7} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {E7BAA6EC-057F-4742-BF34-8709F489D312} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{98c74573-7e83-4ad0-be21-bcc636c59d39}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a7530307-1f26-43a0-aa24-ffdedaf46210}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\X230\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-28]

FireFox:
========
FF DefaultProfile: ptdnnier.default
FF ProfilePath: C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\ptdnnier.default [2021-09-14]
FF Homepage: Mozilla\Firefox\Profiles\ptdnnier.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF NewTab: Mozilla\Firefox\Profiles\ptdnnier.default -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF ProfilePath: C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release [2023-03-30]
FF Homepage: Mozilla\Firefox\Profiles\xft4p477.default-release -> hxxps://www.csfd.cz/film/75613-agatha-christie- ... t/prehled/
FF NewTab: Mozilla\Firefox\Profiles\xft4p477.default-release -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Extension: (Facebook Container) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\@contain-facebook.xpi [2022-11-04]
FF Extension: (AdBlocker Ultimate) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2023-01-25]
FF Extension: (Language: English (GB)) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2023-03-22]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\marcoagpinto@mail.telepac.pt.xpi [2023-03-02]
FF Extension: (Twitch Now) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\{8f080f97-8c85-4e04-8769-f0bba29f5858}.xpi [2021-09-28]
FF Extension: (Dictionary Anywhere) - C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\Extensions\{e90f5de4-8510-4515-9f67-3b6654e1e8c2}.xpi [2021-09-14]
FF SearchPlugin: C:\Users\X230\AppData\Roaming\Mozilla\Firefox\Profiles\xft4p477.default-release\searchplugins\Poshukach Engin Search.xml [2021-09-11]
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-03-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\X230\AppData\Local\Google\Chrome\User Data\Default [2023-03-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\X230\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\X230\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-20]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8905624 2023-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [583064 2023-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [583576 2023-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-11] (Avast Software s.r.o. -> AVAST Software)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6841416 2022-07-01] (GOG Sp. z o.o. -> GOG.com)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_6df953d54d3099b9\driver\TPHKLOAD.exe [465192 2021-03-30] (Lenovo -> Lenovo Group Limited)
R2 TrafSvc; C:\Program Files\TMeter\TrafSvc.exe [2204672 2018-03-04] (Trafficreg Software) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 GalaxyClientService; "C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31424 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [231808 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391856 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297880 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268480 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [557136 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [941928 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [699624 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212640 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319056 2023-03-16] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 GemCCID; C:\Windows\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S3 ldiagio; C:\Program Files\Lenovo\Lenovo Diagnostics Tool\ldiagio.sys [31568 2020-09-01] (WDKTestCert andre.luis,132164092889939783 -> Lenovo Group Limited (R))
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [27496 2012-07-30] (Lenovo(Japan)Ltd. -> Lenovo)
R3 MbmUsbSerial; C:\Windows\System32\Drivers\MbmUsbSerial.sys [81392 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Ericsson AB)
R3 MkBusFilter; C:\Windows\system32\DRIVERS\MbmDeviceFilter.sys [42208 2015-06-30] (Ericsson AB -> )
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R3 risdxc; C:\Windows\System32\drivers\risdxc64.sys [106496 2013-09-08] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R1 tmeter; C:\Windows\system32\DRIVERS\tmeter.sys [54376 2018-03-04] (Mainline Net Holdings Limited -> Trafficreg Software)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-09-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [433384 2021-09-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-10] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-30 14:13 - 2023-03-30 14:14 - 000023327 _____ C:\Users\X230\Desktop\FRST.txt
2023-03-30 14:09 - 2023-03-30 14:09 - 002379264 _____ (Farbar) C:\Users\X230\Desktop\FRST64 (1).exe
2023-03-29 22:42 - 2023-03-29 22:42 - 000135736 _____ C:\Users\X230\Downloads\[SkT]Hvezdna_brana___Stargate_SG1_S1_(CZ)[1080p]_=_CSFD_72%.torrent
2023-03-29 21:19 - 2023-03-29 21:19 - 000357732 _____ C:\Users\X230\Downloads\[SkT]Hvezdna_Brana_-_Komplet_SG-1,_SGA,_SGU,_Film_(1994_-_2009)(CZ_EN)_=_CSFD_76%.torrent
2023-03-29 15:43 - 2023-03-29 15:43 - 000035516 _____ C:\Users\X230\Downloads\[SkT]Star_Trek _Do_temnoty___Star_Trek_Into_Darkness_(2013)(CZ_EN)[1080p]_=_CSFD_81%(1).torrent
2023-03-29 13:31 - 2023-03-29 13:31 - 000058880 _____ C:\Users\X230\Downloads\vyvoj-sp-rezortu-mo-v-letech--1992---2022.xls
2023-03-29 01:44 - 2023-03-29 01:44 - 000000000 ____D C:\Users\X230\AppData\LocalLow\Nerial
2023-03-29 01:31 - 2023-03-29 01:31 - 000001812 _____ C:\Users\Public\Desktop\Reigns - Game of Thrones.lnk
2023-03-29 01:31 - 2023-03-29 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reigns - Game of Thrones [GOG.com]
2023-03-29 01:02 - 2023-03-29 01:20 - 332049686 _____ C:\Users\X230\Downloads\Reigns Game of Thrones 1.0 (24471) GOG.rar
2023-03-27 23:03 - 2023-03-28 00:14 - 1308408388 _____ C:\Users\X230\Downloads\Star Trek 2009 CZ dabing.AVI
2023-03-27 22:40 - 2023-03-27 22:40 - 000035516 _____ C:\Users\X230\Downloads\[SkT]Star_Trek _Do_temnoty___Star_Trek_Into_Darkness_(2013)(CZ_EN)[1080p]_=_CSFD_81%.torrent
2023-03-27 22:39 - 2023-03-27 22:39 - 000018633 _____ C:\Users\X230\Downloads\[SkT]Star_Trek _Do_temnoty___Star_Trek_Into_Darkness_(2013)(CZ_EN)[720p]_=_CSFD_81%.torrent
2023-03-27 22:33 - 2022-07-16 00:59 - 000000000 ____D C:\Users\X230\Downloads\Star Trek (2009) [1080p] {Legendado}
2023-03-27 19:39 - 2023-03-27 19:39 - 000016331 _____ C:\Users\X230\Downloads\[SkT]Star_Trek_(2009)(CZ)_=_CSFD_84%.torrent
2023-03-27 19:37 - 2023-03-27 19:37 - 000072610 _____ C:\Users\X230\Downloads\[SkT]Star_Trek_(2009)(CZ_EN)[1080p]_=_CSFD_84%.torrent
2023-03-27 19:35 - 2023-03-27 19:35 - 000552821 _____ C:\Users\X230\Downloads\[SkT]Star_Trek_-_Komplet_(1979-2009)(CZ_EN)[1080p]_=_CSFD_74%.torrent
2023-03-27 18:28 - 2023-03-27 18:28 - 000036591 _____ C:\Users\X230\Downloads\[SkT]Star_trek_(2009)(CZ_EN)[720p]_=_CSFD_84%.torrent
2023-03-27 15:39 - 2023-03-27 15:39 - 000000000 ____D C:\Users\X230\Downloads\gldirect5_opensource
2023-03-27 15:38 - 2023-03-27 15:38 - 002306095 _____ C:\Users\X230\Downloads\gldirect5_opensource.zip
2023-03-27 15:29 - 2023-03-27 15:29 - 000001059 _____ C:\Users\Public\Desktop\Play Star Wars Jedi Knight Jedi Academy.lnk
2023-03-27 15:29 - 2023-03-27 15:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars Jedi Knight Jedi Academy
2023-03-26 14:39 - 2023-03-26 14:39 - 000000000 ____D C:\Temp
2023-03-25 12:29 - 2023-03-25 12:29 - 000699487 _____ C:\Users\X230\Downloads\WB_BattleSizer_Install(1).exe
2023-03-25 12:25 - 2023-03-25 12:25 - 000001112 _____ C:\Users\X230\Desktop\M&B Battle Sizer.lnk
2023-03-25 12:22 - 2023-03-25 12:22 - 000001826 _____ C:\Users\Public\Desktop\Mount and Blade - Warband.lnk
2023-03-25 12:21 - 2023-03-25 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mount and Blade - Warband [GOG.com]
2023-03-25 12:18 - 2023-03-25 12:18 - 000716248 _____ C:\Users\X230\Downloads\battlesizer_install.exe
2023-03-25 12:18 - 2023-03-25 12:18 - 000716248 _____ C:\Users\X230\Downloads\battlesizer_install(1).exe
2023-03-25 12:06 - 2023-03-25 12:15 - 859366204 _____ C:\Users\X230\Downloads\TLD_3.6_wb.7z
2023-03-25 11:50 - 2023-03-25 12:06 - 1168818246 _____ C:\Users\X230\Downloads\Perisno_1.4.5.7z
2023-03-22 23:26 - 2023-03-24 11:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-03-22 16:27 - 2023-03-22 16:27 - 000251113 _____ C:\Users\X230\Downloads\[SkT]Hvezdne_valky_-_Kolekce___Star_Wars_-_Collection_(1977-2005)(CZ_EN)[1080p]_=_CSFD_79%.torrent
2023-03-22 14:38 - 2023-03-22 14:38 - 000004166 _____ C:\Users\X230\Downloads\[SkT]Prelet_nad_kukaccim_hnizdem___One_Flew_Over_the_Cuckoo's_Nest_(1975)(Mastered)(Hevc)(1080p)(BluRay)(English-CZ)_=_CSFD_92%.torrent
2023-03-22 14:14 - 2023-03-22 14:14 - 000015460 _____ C:\Users\X230\Downloads\[SkT]Apokalypsa_v_Hollywoodu___This_Is_the_End_(2013)(CZ)_=_CSFD_61%.torrent
2023-03-21 13:33 - 2023-03-21 17:48 - 372523722 _____ C:\Users\X230\Downloads\Zachraňte vojína Rya.. (1998) Cz,Sk,En digitálne remastrované.mkv
2023-03-21 13:30 - 2023-03-21 13:30 - 000031778 _____ C:\Users\X230\Downloads\[SkT]Zachrante_vojina_Ryana___Zachrante_vojaka_Ryana___Saving_Private_Ryan_(1998)(CZ)_=_CSFD_89%.torrent
2023-03-20 13:17 - 2023-03-20 14:00 - 799748119 _____ C:\Users\X230\Downloads\WHyr.DOC Cestování červí dírou s Morganem Freemanem-S05E10-Počátek času.mkv
2023-03-20 12:37 - 2023-03-20 13:17 - 729113853 _____ C:\Users\X230\Downloads\Cestování.červí.dírou.s.Morganem.Freemanem.S4E02.Přežijeme.smrt.Slunce.2013.720p.WEBRip.CZ.mp4
2023-03-20 12:36 - 2023-03-20 12:36 - 000018338 _____ C:\Users\X230\Downloads\[SkT]Cestovani_cervi_dirou_s_Morganem_Freemanem___Through_the_Wormhole_-_4._serie_(CZ)[WebRip]_=_CSFD_85%.torrent
2023-03-19 23:26 - 2023-03-19 23:26 - 000013327 _____ C:\Users\X230\Downloads\[SkT]Forest_Gump_(1994)(CZ)_=_CSFD_95%.torrent
2023-03-16 12:33 - 2023-03-16 12:33 - 000308120 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-03-15 10:41 - 2023-03-15 10:41 - 000000000 ___HD C:\$WinREAgent
2023-03-14 12:31 - 2023-03-14 12:31 - 000148362 _____ C:\Users\X230\Downloads\[SkT]Futurama_-_Komplet_ _Futufilmy_(2009-2016)(CZ)_=_CSFD_88%.torrent
2023-03-14 12:25 - 2023-03-14 12:25 - 000134720 _____ C:\Users\X230\Downloads\[SkT]____Futurama_1._-_7._serie_ _Futufilmy_(CZ)[TvRip][HEVC]_=_CSFD_88%.torrent
2023-03-12 11:56 - 2023-03-12 14:08 - 2440965143 _____ C:\Users\X230\Downloads\Pátý Element {The Fifth Element}(1997)[FHD,H.265;5.1]_Cz&En-Dub+Cz-Sub.mkv
2023-03-12 11:51 - 2023-03-12 11:51 - 000017949 _____ C:\Users\X230\Downloads\[SkT]Paty_element___Le_Cinquieme_element_(1997)(CZ)_=_CSFD_84%.torrent
2023-03-09 05:52 - 2023-03-09 06:05 - 000000000 ____D C:\Users\X230\Downloads\Patrick Rothfuss Kronika Královraha 2 Strach moudrého muže (audiokniha) Celek.zip
2023-03-07 06:19 - 2023-03-07 06:19 - 000000000 ____D C:\Users\X230\Downloads\Rothfuss, Patrick - Jméno větru II
2023-03-06 22:30 - 2023-03-06 23:17 - 860191596 _____ C:\Users\X230\Downloads\Rothfuss, Patrick - Jméno větru II.rar
2023-03-06 21:47 - 2023-03-06 21:47 - 005083088 _____ (Blizzard Entertainment) C:\Users\X230\Downloads\Heroes-of-the-Storm-Setup.exe
2023-03-04 11:52 - 2023-03-04 11:52 - 001876505 _____ C:\Users\X230\Downloads\document.pdf
2023-03-02 14:04 - 2023-03-02 14:04 - 000000000 ____D C:\Users\X230\Downloads\Rothfuss, Patrick - Jméno větru I
2023-03-02 11:31 - 2023-03-02 12:21 - 910212318 _____ C:\Users\X230\Downloads\Rothfuss, Patrick - Jméno větru I.rar

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-30 14:14 - 2021-09-14 13:41 - 000000000 ____D C:\FRST
2023-03-30 14:13 - 2021-09-11 11:43 - 000000000 ____D C:\Users\X230\AppData\LocalLow\Mozilla
2023-03-30 13:46 - 2022-09-30 18:39 - 000003046 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-03-30 13:46 - 2022-09-30 18:39 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-03-30 13:46 - 2022-07-05 16:31 - 000003058 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3269600821-496837758-4138566819-500
2023-03-30 13:46 - 2022-07-05 16:31 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3269600821-496837758-4138566819-500
2023-03-30 13:46 - 2022-06-30 17:05 - 000003740 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3269600821-496837758-4138566819-1001UA
2023-03-30 13:46 - 2022-06-30 17:05 - 000003644 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3269600821-496837758-4138566819-1001Core
2023-03-30 13:46 - 2021-12-13 15:50 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3269600821-496837758-4138566819-1001
2023-03-30 13:46 - 2021-09-14 12:50 - 000002394 _____ C:\Windows\system32\Tasks\Trojan Remover
2023-03-30 13:46 - 2021-09-11 11:47 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-30 13:46 - 2021-09-11 11:47 - 000002250 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - X230
2023-03-30 13:46 - 2021-06-20 21:03 - 000002274 _____ C:\Windows\system32\Tasks\DolbySelectorTask
2023-03-30 13:46 - 2021-06-20 21:02 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-30 13:46 - 2021-06-20 20:44 - 000003402 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-03-30 13:46 - 2021-06-20 20:44 - 000003178 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-03-30 13:46 - 2021-06-20 20:25 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3269600821-496837758-4138566819-1001
2023-03-30 13:46 - 2021-06-20 19:35 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-30 13:46 - 2021-06-20 19:35 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-30 13:37 - 2021-06-20 19:34 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-30 13:16 - 2021-09-11 14:25 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-03-30 12:02 - 2021-06-20 20:44 - 000000000 ____D C:\Users\X230\AppData\Roaming\vlc
2023-03-30 11:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-30 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-30 11:55 - 2021-09-11 11:47 - 000000000 ____D C:\Program Files\CCleaner
2023-03-30 11:52 - 2021-06-20 20:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-30 11:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-30 01:26 - 2021-06-20 21:08 - 000000000 __SHD C:\Users\X230\IntelGraphicsProfiles
2023-03-30 01:25 - 2021-09-11 13:14 - 000000000 ____D C:\Users\X230\AppData\Roaming\uTorrent
2023-03-30 00:28 - 2022-10-12 20:51 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-03-30 00:28 - 2022-10-12 20:51 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2023-03-30 00:07 - 2021-09-14 13:58 - 000000000 ____D C:\SHBLAS
2023-03-29 23:36 - 2021-06-20 20:44 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-29 23:36 - 2021-06-20 20:44 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-03-29 21:35 - 2021-09-11 13:17 - 000000000 ____D C:\Users\X230\AppData\Local\BitTorrentHelper
2023-03-29 15:42 - 2022-08-16 16:47 - 000000000 ____D C:\Games
2023-03-29 13:19 - 2021-06-20 19:41 - 001693712 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-29 13:19 - 2019-12-07 16:43 - 000718160 _____ C:\Windows\system32\perfh005.dat
2023-03-29 13:19 - 2019-12-07 16:43 - 000145302 _____ C:\Windows\system32\perfc005.dat
2023-03-29 13:19 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-03-29 01:31 - 2022-04-16 15:26 - 000000000 ____D C:\GOG Games
2023-03-27 16:02 - 2021-09-14 11:03 - 000000000 ____D C:\Users\X230\AppData\Local\CrashDumps
2023-03-27 14:49 - 2021-09-15 12:11 - 000000000 ____D C:\Users\X230\AppData\Local\ElevatedDiagnostics
2023-03-27 02:15 - 2021-09-11 14:26 - 000000000 ____D C:\Users\X230\AppData\Local\Avast Software
2023-03-27 01:44 - 2021-09-11 14:25 - 000004264 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-03-26 14:41 - 2021-06-20 20:23 - 000002374 _____ C:\Users\X230\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-26 14:40 - 2023-01-16 23:18 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-26 14:40 - 2021-06-20 19:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-24 11:26 - 2021-09-11 13:16 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-24 11:25 - 2021-09-11 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-24 11:25 - 2021-06-20 19:35 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-24 11:25 - 2021-06-20 19:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-23 23:08 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-03-23 16:52 - 2022-06-29 22:25 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-23 16:52 - 2021-09-11 11:43 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-22 23:11 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-22 12:24 - 2023-02-18 11:40 - 000000000 ____D C:\Users\X230\AppData\Roaming\.minecraft
2023-03-19 18:35 - 2021-06-20 19:34 - 000295216 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-19 18:34 - 2021-09-14 14:04 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2023-03-19 18:34 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-19 18:34 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-03-19 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-19 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-03-19 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-03-19 18:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-16 12:33 - 2021-09-11 14:25 - 000941928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000699624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000557136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000391856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000319056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000297880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000268480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000231808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-03-16 12:33 - 2021-09-11 14:25 - 000031424 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-03-16 12:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-15 11:16 - 2023-02-06 15:51 - 000070447 _____ C:\Users\X230\Desktop\Matouš - CV.pdf
2023-03-15 11:16 - 2023-02-06 14:56 - 000019024 _____ C:\Users\X230\Desktop\Matouš - CV.odt
2023-03-15 10:50 - 2021-06-20 19:39 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-15 10:39 - 2021-06-20 20:37 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 10:34 - 2021-06-20 20:37 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-09 06:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports

==================== Files in the root of some directories ========

2022-01-10 20:50 - 2021-12-16 03:34 - 171627088 _____ () C:\Program Files\Creality_Slicer-4.8.2-build-205-win64.exe
2021-10-17 14:09 - 2021-10-17 14:09 - 000000045 _____ () C:\Users\X230\AppData\Roaming\~SiMPLEX.ini
2021-10-04 13:41 - 2021-10-04 13:41 - 000007602 _____ () C:\Users\X230\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition.txt here

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-03-2023
Ran by X230 (30-03-2023 14:15:51)
Running from C:\Users\X230\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) (2021-06-20 17:37:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3269600821-496837758-4138566819-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3269600821-496837758-4138566819-503 - Limited - Disabled)
Guest (S-1-5-21-3269600821-496837758-4138566819-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3269600821-496837758-4138566819-504 - Limited - Disabled)
X230 (S-1-5-21-3269600821-496837758-4138566819-1001 - Administrator - Enabled) => C:\Users\X230

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\uTorrent) (Version: 3.6.0.46738 - BitTorrent Inc.)
4K Video Downloader (HKLM\...\{03F69D1E-C059-4EB9-B009-DD540D9D8E20}) (Version: 4.18.5.4570 - Open Media LLC) Hidden
4K Video Downloader (HKLM-x32\...\{402c7116-7403-4e59-b91f-0a3898c7b7c6}) (Version: 4.18.5.4570 - Open Media LLC)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.001.20093 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM-x32\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.00 - Ubisoft)
AutoHotkey 1.1.33.10 (HKLM\...\AutoHotkey) (Version: 1.1.33.10 - Lexikos)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.2.6053 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Balíček ovladače systému Windows - Adafruit Industries LLC (usbser) Ports (02/25/2016 6.2.2600.0) (HKLM\...\1245A5961AC9D2C18ADF9EEC931D77E059B7F74E) (Version: 02/25/2016 6.2.2600.0 - Adafruit Industries LLC)
Balíček ovladače systému Windows - Arduino LLC (www.arduino.cc) Arduino USB Driver (11/24/2015 1.2.3.0) (HKLM\...\8B585560B248755A6C5A24D5C0F50FA998310883) (Version: 11/24/2015 1.2.3.0 - Arduino LLC (www.arduino.cc))
Balíček ovladače systému Windows - Arduino LLC (www.arduino.cc) Genuino USB Driver (01/07/2016 1.0.3.0) (HKLM\...\EC414D98E2986DCA1628FAED2163CD1C9A4ED7EC) (Version: 01/07/2016 1.0.3.0 - Arduino LLC (www.arduino.cc))
Balíček ovladače systému Windows - libusb-win32 (libusb0) libusb-win32 devices (04/21/2015 1.0.0.0) (HKLM\...\28E91B69CA377EB48D6E1B92C37F897036E8A818) (Version: 04/21/2015 1.0.0.0 - libusb-win32)
Beat Hazard Ultra (HKLM-x32\...\2129967154_is1) (Version: 1.6 - GOG.com)
blender (HKLM\...\{8E411BEA-E05E-4E73-B9D3-A89A3084D67D}) (Version: 3.0.0 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CPUID HWMonitor 1.44 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.44 - CPUID, Inc.)
Creality Slicer 4.8.2 (HKLM-x32\...\Creality Slicer 4.8.2) (Version: 4.8.2 - Creality Company)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Game of Thrones: A Telltale Games Series - Episodes 1-6 (HKLM-x32\...\Game of Thrones: A Telltale Games Series - Episodes 1-6_is1) (Version: - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Earth Pro (HKLM\...\{F27DBA46-80E1-4858-9285-19198FFFBF3D}) (Version: 7.3.6.9345 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.147 - Google LLC)
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
iMyFone AnyRecover 5.3.1.5 (HKLM-x32\...\{89DFCC5A-39CC-4AE7-8313-1ED6553E1ADD}_is1) (Version: 5.3.1.5 - Shenzhen iMyFone Technology Co., Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.5 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 361 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180361F0}) (Version: 8.0.3610.9 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.20 - Lenovo)
Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: 4.35.4 - LENOVO (UNITED STATES) INC.)
LIMBO (HKLM-x32\...\LIMBO) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 111.0.1661.54 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\OneDriveSetup.exe) (Version: 23.048.0305.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - )
Mirror's Edge™ (HKLM-x32\...\{AEDBD563-24BB-4EE3-8366-A654DAC2D988}) (Version: 1.0.0.0 - Electronic Arts)
Mobile Broadband Drivers (HKLM\...\{053BB205-59BA-44E5-AD33-F5402494BAB7}) (Version: 8.2.5 - Lenovo) Hidden
Mobile Broadband Drivers v8.2.5 (HKLM-x32\...\{47786bea-6a7b-4d85-9b51-d1db1d022f0a}) (Version: 8.2.5 - Lenovo)
Mount and Blade Warband - Viking Conquest Reforged Edition (HKLM-x32\...\Mount and Blade Warband - Viking Conquest Reforg~0F961404_is1) (Version: - )
Mount and Blade: Warband (2.028_(1.172)_hotfix) (HKLM-x32\...\1207666913_is1) (Version: 0.1.1.310 - GOG.com)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 111.0.1 (x64 cs)) (Version: 111.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OpenOffice 4.1.10 (HKLM-x32\...\{7CC01309-694E-48C0-86A7-1DDEE4232E9A}) (Version: 4.110.9807 - Apache Software Foundation)
Path of Exile (HKLM-x32\...\{0f5df724-608b-42fa-91fb-a5a70ee0a10f}) (Version: 3.20.0.10531 - Grinding Gear Games)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.20.0.10531 - Grinding Gear Games) Hidden
PrusaSlicer 2.4.0 (HKLM\...\{BB1B5259-42ED-4A8C-A4F7-0D9FD6BF50A7}) (Version: 2.4.0 - Prusa Research) Hidden
PrusaSlicer 2.4.0 (HKLM\...\PrusaSlicer 2.4.0 2.4.0) (Version: 2.4.0 - Prusa Research)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Reigns: Game of Thrones (HKLM-x32\...\2060365190_is1) (Version: 1.0 - GOG.com)
RimWorld Ideology (HKLM-x32\...\RimWorld Ideology_is1) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\Star Wars Jedi Knight Jedi Academy_is1) (Version: 0.0.0 - DODI-Repacks)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\1207665503_is1) (Version: v1.4.3.6 - GOG.com)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition_is1) (Version: - )
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version: - )
The Stanley Parable: Ultra Deluxe (HKLM-x32\...\The Stanley Parable: Ultra Deluxe_is1) (Version: - )
They Are Billions (HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\They Are Billions) (Version: - HOODLUM)
TMeter 18.0.875 (HKLM\...\TMeter_is1) (Version: - Trafficreg Software)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
ULauncher (HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\ULauncher) (Version: 0.33.52 - uwow.biz)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Wiggles (HKLM-x32\...\InstallShield_{6CF4CAD7-5102-4CC3-B216-F7AB7462CB96}) (Version: 1.00.000 - Innonics)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 309.1.0.0.0 - Wrye & Wrye Bash Development Team)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-02] (Microsoft Corporation)
Reader Notification Client -> C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2022-02-05] (Adobe Systems Incorporated)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-22] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0 [2023-03-30] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x64__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.802.31.0_x86__8wekyb3d8bbwe [2023-03-17] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-03-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-03-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-01-31 17:07 - 2018-03-04 12:24 - 005365248 _____ () [File not signed] C:\Program Files\TMeter\mysqlcppconn.dll
2022-06-15 18:00 - 2022-06-15 18:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-01-31 17:07 - 2018-03-04 12:24 - 000061440 _____ (NT Kernel Resources) [File not signed] C:\Program Files\TMeter\ndisapi.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk:DC8F23BC3A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk:46707D9487 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [10]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_361\bin\ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_361\bin\jp2ssv.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2022-08-17 01:30 - 000002408 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\X230\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3269600821-496837758-4138566819-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Mobilní síť 11: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 7: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 5: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 10: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 2: TMeter LightWeight Filter -> nt_tmeter (enabled)
Ethernet: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 9: TMeter LightWeight Filter -> nt_tmeter (enabled)
Wi-Fi: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 6: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 14: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 16: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 8: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 15: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 3: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 12: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 4: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 13: TMeter LightWeight Filter -> nt_tmeter (enabled)
Mobilní síť 17: TMeter LightWeight Filter -> nt_tmeter (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run: => "TrafMonitor"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\StartupFolder: => "Sonarr.lnk"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\StartupApproved\Run: => "GalaxyClient"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7B838B66-40B2-45B6-90CC-1B617C8164A0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{055D82F8-0018-4DC7-8068-54237050EAF9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{86371322-1E4A-4C16-99A1-0FC911BE819B}] => (Allow) C:\Users\X230\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{F7798305-FF48-4408-A78A-7411A2D571B0}] => (Allow) C:\Users\X230\AppData\Roaming\uTorrent\uTorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{BBEE2B1D-511A-4990-8763-D17FF41EB1D7}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85B0F42C-D9E3-4FAD-A977-1F255D581971}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{6E7EE9A2-1C52-464C-9B2F-72239A42F538}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{7D9D31D0-F22E-4B0B-A347-B0F23FCCD84D}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{9960DD6A-0272-47F5-9FE8-15C95A9FE24F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5AD66DF6-0CD7-41C9-8546-4B5C8B7C68A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{442F60C6-D042-4C93-A55F-4E30F43F9CBF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3869FF3E-F983-4C09-A5D1-B3D43308AF98}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B114774A-7B39-45EF-8735-E8035C005986}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [{29D2F8E4-D192-4D3D-81FF-93042E797EBE}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [{8FB5FE21-2E69-48A6-A1F4-BB6F1FD10895}] => (Allow) LPort=8989
FirewallRules: [{1430FFC4-D546-4EBD-ABB5-D175D74765FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{0455F967-3A0C-4C92-9829-C665E031E0DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{5BB01470-9D7B-4A49-8205-F002E389ED67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{37830FA2-655A-4BD2-BF71-C44B6A247856}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{571DC747-0993-4AA3-81E3-BB1577D44ED0}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [UDP Query User{DF69058A-BB89-46F3-88A3-BA237EEBFE2E}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [TCP Query User{6926388F-33B1-4A75-A3F3-09B6FDD28A86}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [UDP Query User{742D0501-B9E8-4F72-9F31-3D6642D6BA80}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [TCP Query User{F7A4ED5B-EC66-4D6A-B8C6-A437C379C0CB}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [UDP Query User{E776EA13-CD5B-4567-A989-000B8024213C}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [TCP Query User{FDE07DD8-952E-447C-9068-DFE20233BC29}C:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) C:\program files (x86)\innonics\wiggles\wiggles.exe (SEK-Ost) [File not signed]
FirewallRules: [UDP Query User{45EBF3FA-B9E5-45FC-84FC-4BD06DDE0707}C:\program files (x86)\innonics\wiggles\wiggles.exe] => (Allow) C:\program files (x86)\innonics\wiggles\wiggles.exe (SEK-Ost) [File not signed]
FirewallRules: [{7EE9CA9A-F717-4ECB-A49B-D18AC993564E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tile Runner\game.exe () [File not signed]
FirewallRules: [{5C6C183F-D282-4592-815D-D5CFDF63BB11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tile Runner\game.exe () [File not signed]
FirewallRules: [TCP Query User{0ADD18B2-C8F7-47BA-B2F8-EBE391826A32}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D182B734-ED13-4BE4-9DC3-C94F476085A4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{BE9C4FB9-B478-41BE-A2E7-75D14CBA68AC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [UDP Query User{5EFFA72D-1D0E-487A-877C-D7E84A91C9BC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [{3FE235E5-7722-45DB-82A9-5C3AC60C05D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Micro Platformer\Micro Platformer.exe () [File not signed]
FirewallRules: [{04B02E2F-A233-4366-9C3D-209DBE33E81D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Micro Platformer\Micro Platformer.exe () [File not signed]
FirewallRules: [TCP Query User{B1F7A75F-4DD3-4906-B83C-8C0279CBDDBF}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [UDP Query User{3526D03D-5170-4F3F-B0D5-F45D4C8F82E4}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [TCP Query User{BAAC5159-F75C-4D05-841C-4FA83352786D}C:\program files\creality slicer 4.8.2\crealityslicer.exe] => (Allow) C:\program files\creality slicer 4.8.2\crealityslicer.exe () [File not signed]
FirewallRules: [UDP Query User{E0B4E26B-6D8C-440A-A1BD-E141B0513F48}C:\program files\creality slicer 4.8.2\crealityslicer.exe] => (Allow) C:\program files\creality slicer 4.8.2\crealityslicer.exe () [File not signed]
FirewallRules: [TCP Query User{57EBF15E-76E4-4AF7-B57C-AA2991EE93E8}C:\program files\creality slicer 4.8.2\crealityslicercli.exe] => (Allow) C:\program files\creality slicer 4.8.2\crealityslicercli.exe () [File not signed]
FirewallRules: [UDP Query User{F7A8F702-912E-4352-BDCF-1F6015DAAC06}C:\program files\creality slicer 4.8.2\crealityslicercli.exe] => (Allow) C:\program files\creality slicer 4.8.2\crealityslicercli.exe () [File not signed]
FirewallRules: [TCP Query User{81B50EDD-E6D7-4EB8-9E60-73E748F041F3}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [UDP Query User{7B4B8262-4D71-4952-9B6A-93BBC5E28774}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [TCP Query User{FAA718BD-FD09-44B4-9A34-2BE76FCE8D83}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{5CE21945-AE78-49EF-BC42-57F61E406BDB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{B89ABDBD-58D8-427E-B957-EE9D4D97CEAC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{BC87CE1B-73B4-480E-AC41-9409C06188E6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{A1F5F899-D32E-4F40-828B-6606B00E2DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe () [File not signed]
FirewallRules: [{B73EF72B-C219-4000-9A1E-015A4C09DF24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe () [File not signed]
FirewallRules: [{2505469A-A7D4-4B8C-9271-BD5CDEE53F17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{E66C95F1-89AF-45EE-A020-5BEF3E48F2C7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{38D4D188-FB37-4C51-A055-C2E227A154AC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{19365D5F-F4E5-4B29-84DB-D2AE7C31C079}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{9988CA93-7FA3-4F2E-9BF3-124C3DD71437}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [{90120F36-E085-43CF-A1AA-3F48E27D8B67}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [TCP Query User{FEA93739-51B4-46EE-8789-60011B873DFA}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [UDP Query User{D33DC823-F38F-4C1E-8A09-E0639D83F83C}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [TCP Query User{BD462CF5-7186-421E-B485-0CDF44A6C8C3}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [UDP Query User{462C29D9-2CE0-47C5-83AA-CA1D39EB3C57}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [TCP Query User{81B81CBD-A0EC-423A-8302-551D3E8411ED}C:\shblas\vampire.survivors.v0.7.230\vampire.survivors.v0.7.230\vampiresurvivors.exe] => (Allow) C:\shblas\vampire.survivors.v0.7.230\vampire.survivors.v0.7.230\vampiresurvivors.exe (Luca Galante) [File not signed]
FirewallRules: [UDP Query User{18FB6128-9A96-4DCB-87BF-E90190D5CA21}C:\shblas\vampire.survivors.v0.7.230\vampire.survivors.v0.7.230\vampiresurvivors.exe] => (Allow) C:\shblas\vampire.survivors.v0.7.230\vampire.survivors.v0.7.230\vampiresurvivors.exe (Luca Galante) [File not signed]
FirewallRules: [TCP Query User{3E0781AD-94AC-43EB-980C-4831B5B321D6}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [UDP Query User{5DB858B7-D702-4D02-81FB-DCB467EB4E80}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [TCP Query User{0CC12F28-BB68-4269-9255-DB11044D6514}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
FirewallRules: [UDP Query User{B8DF18EF-F174-438B-891E-5055DFFB8BE8}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
FirewallRules: [{B03FF7FB-F63C-453D-834F-7D3C6C6ECD28}] => (Allow) C:\Users\X230\AppData\Local\uwow.biz\ULauncher\ULauncher.exe (Nikitenko Vitalii -> )
FirewallRules: [{3D04ECC9-8C07-4956-8D4C-F3554B0FE34A}] => (Allow) C:\Users\X230\AppData\Local\uwow.biz\ULauncher\ULauncher.exe (Nikitenko Vitalii -> )
FirewallRules: [{49F1F179-BA03-40D1-A89D-E9D25A09DE30}] => (Allow) C:\Users\X230\AppData\Local\uwow.biz\ULauncher\ULauncher-64.exe (Nikitenko Vitalii -> )
FirewallRules: [{C32B7E50-3CA0-4BFD-8722-A1DF27D16793}] => (Allow) C:\Users\X230\AppData\Local\uwow.biz\ULauncher\ULauncher-64.exe (Nikitenko Vitalii -> )
FirewallRules: [TCP Query User{6371FA01-2809-4E0D-91CE-5C17C0F19145}C:\users\x230\appdata\roaming\utorrent\updates\utorrent.exe] => (Allow) C:\users\x230\appdata\roaming\utorrent\updates\utorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{1DB146D7-4A21-40F1-AEDE-CBC56CE0EDB6}C:\users\x230\appdata\roaming\utorrent\updates\utorrent.exe] => (Allow) C:\users\x230\appdata\roaming\utorrent\updates\utorrent.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{E344E122-68EE-4C7D-91E5-5CCC3026AE2B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B62816E4-D2E7-4129-928C-D7E190825ADC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B360BA29-4566-4FF5-B2F6-8562F9870538}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1C4A624-CB1B-48FA-BA0A-E33AFE8E1DAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47C011CF-ED53-480F-9151-EF9E3C1F4019}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.95.3413.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ECE15261-4E99-4B9B-BC19-BC969CD3D2FF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{69B3B1E5-04FD-4584-BD79-C0289B1163EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21122E8C-B715-4DF3-9331-B03F40147107}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C46A6253-3FAD-4C00-A8A9-D3BCF8D84049}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{24D1B0EF-DE2C-4EE7-9E29-88B7AEEFE1B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1168F0AE-DCFB-41A6-85EA-50F872F7DE47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A7C1EBC-0E84-43B8-995D-4545C569751B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C1F15E26-89C3-4BE1-9C61-62DC8F07FAE6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E81C9351-E5E7-4C31-86D0-C8844986EF2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF75460E-FDD8-4640-91A0-B063D7BF0956}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CDB44135-F5C5-447A-AE7A-4433BEC0A822}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/27/2023 04:02:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: D3D9.DLL, verze: 10.0.19041.2311, časové razítko: 0x28d34277
Kód výjimky: 0xc0000005
Posun chyby: 0x0007f27f
ID chybujícího procesu: 0x23ec
Čas spuštění chybující aplikace: 0x01d960b34e8ad43f
Cesta k chybující aplikaci: C:\SHBLAS\Star Wars Jedi Knight Jedi Academycc\GameData\jasp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\D3D9.DLL
ID zprávy: 84314543-e4d0-492a-910a-6228d75f833f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 03:41:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: D3D9.DLL, verze: 10.0.19041.2311, časové razítko: 0x28d34277
Kód výjimky: 0xc0000005
Posun chyby: 0x0007f27f
ID chybujícího procesu: 0x27bc
Čas spuštění chybující aplikace: 0x01d960b1d1f421b5
Cesta k chybující aplikaci: C:\SHBLAS\Star Wars Jedi Knight Jedi Academycc\GameData\jasp.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\D3D9.DLL
ID zprávy: e99989f2-80f1-4e0b-82d5-0701e535ce23
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 03:37:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x4252415f
ID chybujícího procesu: 0x3524
Čas spuštění chybující aplikace: 0x01d960b1400f7929
Cesta k chybující aplikaci: C:\SHBLAS\Star Wars Jedi Knight Jedi Academycc\GameData\jasp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6eb6db9e-c2d6-4f76-95a3-1f95c7df11d4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 03:37:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x4252415f
ID chybujícího procesu: 0x138c
Čas spuštění chybující aplikace: 0x01d960b136e9348c
Cesta k chybující aplikaci: C:\SHBLAS\Star Wars Jedi Knight Jedi Academycc\GameData\jasp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1cab4da1-40e4-43ad-b41f-63837e72405b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 02:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x4252415f
ID chybujícího procesu: 0x2230
Čas spuštění chybující aplikace: 0x01d960aaa20d8f64
Cesta k chybující aplikaci: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\GameData\jasp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 8b9967c4-b40f-4f75-940f-2457e18747dc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 02:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jasp.exe, verze: 1.0.1.0, časové razítko: 0x3f999a27
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x4252415f
ID chybujícího procesu: 0x1624
Čas spuštění chybující aplikace: 0x01d960aa91bb9ed2
Cesta k chybující aplikaci: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\GameData\jasp.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 816a7a40-9df8-47e1-8d56-2558a76a2cfb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 02:48:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: JediAcademy.exe, verze: 0.0.0.0, časové razítko: 0x3f09c821
Název chybujícího modulu: JediAcademy.exe, verze: 0.0.0.0, časové razítko: 0x3f09c821
Kód výjimky: 0xc0000005
Posun chyby: 0x00013056
ID chybujícího procesu: 0x27e0
Čas spuštění chybující aplikace: 0x01d960aa76b5c908
Cesta k chybující aplikaci: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\JediAcademy.exe
Cesta k chybujícímu modulu: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\JediAcademy.exe
ID zprávy: 500189c4-8df8-43c6-98ff-e1d0c12cb805
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2023 02:48:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: JediAcademy.exe, verze: 0.0.0.0, časové razítko: 0x3f09c821
Název chybujícího modulu: JediAcademy.exe, verze: 0.0.0.0, časové razítko: 0x3f09c821
Kód výjimky: 0xc0000409
Posun chyby: 0x00013056
ID chybujícího procesu: 0x27e0
Čas spuštění chybující aplikace: 0x01d960aa76b5c908
Cesta k chybující aplikaci: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\JediAcademy.exe
Cesta k chybujícímu modulu: C:\GOG Games\Star Wars Jedi Knight - Jedi Academy\JediAcademy.exe
ID zprávy: 1027e37c-f83f-4cbc-85ca-d3f1e86ad463
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/30/2023 11:57:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/30/2023 11:52:33 AM) (Source: Tcpip) (EventID: 4294) (User: )
Description: Pokus o vymazání filtru slučování paketů ze síťového adaptéru s hardwarovou adresou 24-FD-52-1B-80-10 se nezdařil (IPv4 0xc023002f 5).

Error: (03/30/2023 01:25:34 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KNL8DH0)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/29/2023 04:28:38 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (03/28/2023 10:39:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_6b94164 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (03/28/2023 06:15:39 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KNL8DH0)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2023 02:03:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KNL8DH0)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/28/2023 02:03:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-KNL8DH0)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-09-11 13:12:49
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/uTorrent
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\X230\Downloads\uTorrent.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KNL8DH0\X230
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.349.536.0, AS: 1.349.536.0, NIS: 1.349.536.0
Verze modulu: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-11 13:11:18
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Utorrent_BundleInstaller
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\X230\Downloads\utweb_installer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KNL8DH0\X230
Název procesu: C:\Program Files\Mozilla Firefox\firefox.exe
Verze bezpečnostních informací: AV: 1.349.536.0, AS: 1.349.536.0, NIS: 1.349.536.0
Verze modulu: AM: 1.1.18500.10, NIS: 1.1.18500.10

Date: 2021-09-11 12:05:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1F7A08C1-4117-42DC-95B0-1374EC7499ED}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-11 11:54:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {756DFA09-DE59-4F6C-9B8D-10AEEE3F0686}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-11 11:52:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8D7862E3-4F7F-49BE-A78A-17B0343D9A02}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-07-08 11:17:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.615.0
Předchozí verze bezpečnostních informací: 1.341.1110.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-08 11:17:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.615.0
Předchozí verze bezpečnostních informací: 1.341.1110.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-08 11:17:16
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-08 11:10:43
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.615.0
Předchozí verze bezpečnostních informací: 1.341.1110.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-08 11:10:43
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.615.0
Předchozí verze bezpečnostních informací: 1.341.1110.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===============
Date: 2023-03-30 11:54:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO G2ETB7WW (2.77 ) 09/24/2019
Motherboard: LENOVO 2325VJV
Processor: Intel(R) Core(TM) i7-3520M CPU @ 2.90GHz
Percentage of memory in use: 51%
Total physical RAM: 8009.91 MB
Available physical RAM: 3887.66 MB
Total Virtual: 9289.91 MB
Available Virtual: 4271.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.96 GB) (Free:6.55 GB) (Model: KIOXIA-EXCERIA SATA SSD) NTFS

\\?\Volume{1770d6a2-6fd8-48b2-a01d-abe3e3e39064}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{1e5900d8-02cf-46a0-8634-ac17005e7dbc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Looks like there's probably something to find in there :lol:
Thanks a lot for the help :D

Rudy
Site Admin
Posts: 118195
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - not checked for a long time

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\MountPoints2: {887ba6e6-1213-11ec-b4c4-2cd05a7fe6a2} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2C846061-65C6-4667-A1EA-B3D56B2340BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
Task: {5C25C2A1-8B52-4A8C-A3F5-CC91069B8FB9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {7244790E-DD85-4F0D-9912-91FF836522EA} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe (No File)
Task: {C02C6542-F1E8-4454-AC45-98827C1C3360} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {0FBFACBC-98F7-4129-8E24-BF2E605DBC6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Users\X230\AppData\Roaming\~SiMPLEX.ini
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk:DC8F23BC3A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk:46707D9487 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [10]
FirewallRules: [TCP Query User{6E7EE9A2-1C52-464C-9B2F-72239A42F538}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{7D9D31D0-F22E-4B0B-A347-B0F23FCCD84D}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{B114774A-7B39-45EF-8735-E8035C005986}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [{29D2F8E4-D192-4D3D-81FF-93042E797EBE}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [TCP Query User{571DC747-0993-4AA3-81E3-BB1577D44ED0}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [UDP Query User{DF69058A-BB89-46F3-88A3-BA237EEBFE2E}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [TCP Query User{6926388F-33B1-4A75-A3F3-09B6FDD28A86}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [UDP Query User{742D0501-B9E8-4F72-9F31-3D6642D6BA80}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [TCP Query User{F7A4ED5B-EC66-4D6A-B8C6-A437C379C0CB}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [UDP Query User{E776EA13-CD5B-4567-A989-000B8024213C}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [TCP Query User{BE9C4FB9-B478-41BE-A2E7-75D14CBA68AC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [UDP Query User{5EFFA72D-1D0E-487A-877C-D7E84A91C9BC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [TCP Query User{B1F7A75F-4DD3-4906-B83C-8C0279CBDDBF}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [UDP Query User{3526D03D-5170-4F3F-B0D5-F45D4C8F82E4}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [TCP Query User{81B50EDD-E6D7-4EB8-9E60-73E748F041F3}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [UDP Query User{7B4B8262-4D71-4952-9B6A-93BBC5E28774}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [TCP Query User{FAA718BD-FD09-44B4-9A34-2BE76FCE8D83}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{5CE21945-AE78-49EF-BC42-57F61E406BDB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{B89ABDBD-58D8-427E-B957-EE9D4D97CEAC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{BC87CE1B-73B4-480E-AC41-9409C06188E6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{2505469A-A7D4-4B8C-9271-BD5CDEE53F17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{E66C95F1-89AF-45EE-A020-5BEF3E48F2C7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{38D4D188-FB37-4C51-A055-C2E227A154AC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{19365D5F-F4E5-4B29-84DB-D2AE7C31C079}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{9988CA93-7FA3-4F2E-9BF3-124C3DD71437}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [{90120F36-E085-43CF-A1AA-3F48E27D8B67}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [TCP Query User{FEA93739-51B4-46EE-8789-60011B873DFA}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [UDP Query User{D33DC823-F38F-4C1E-8A09-E0639D83F83C}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [TCP Query User{BD462CF5-7186-421E-B485-0CDF44A6C8C3}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [UDP Query User{462C29D9-2CE0-47C5-83AA-CA1D39EB3C57}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [TCP Query User{3E0781AD-94AC-43EB-980C-4831B5B321D6}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [UDP Query User{5DB858B7-D702-4D02-81FB-DCB467EB4E80}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [TCP Query User{0CC12F28-BB68-4269-9255-DB11044D6514}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
FirewallRules: [UDP Query User{B8DF18EF-F174-438B-891E-5055DFFB8BE8}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
C:\Users\X230\Downloads\uTorrent.exe
C:\Users\X230\Downloads\utweb_installer.exe

Hosts:
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Lorganification
Visitor
Posts: 10
Registered: 14 Sep 2021 10:34

Re: Preventive check - not checked for a long time

#3 Post by Lorganification »

Hello! :-)

Sorry for the longer delay, I was away for work and out of reach of my PC :D

fixlog.txt -

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-03-2023
Ran by X230 (03-04-2023 13:21:53) Run:1
Running from C:\Users\X230\Desktop
Loaded Profiles: X230 & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\...\MountPoints2: {887ba6e6-1213-11ec-b4c4-2cd05a7fe6a2} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3269600821-496837758-4138566819-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2C846061-65C6-4667-A1EA-B3D56B2340BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
Task: {5C25C2A1-8B52-4A8C-A3F5-CC91069B8FB9} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {7244790E-DD85-4F0D-9912-91FF836522EA} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris Trojan Remover\ltr.exe (No File)
Task: {C02C6542-F1E8-4454-AC45-98827C1C3360} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (No File)
Task: {0FBFACBC-98F7-4129-8E24-BF2E605DBC6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-20] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Users\X230\AppData\Roaming\~SiMPLEX.ini
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.167.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.171.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.165.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\X230\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\X230\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\DP45977C.lfl:677104FCAA [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk:DC8F23BC3A [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk:46707D9487 [10]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [10]
FirewallRules: [TCP Query User{6E7EE9A2-1C52-464C-9B2F-72239A42F538}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [UDP Query User{7D9D31D0-F22E-4B0B-A347-B0F23FCCD84D}C:\users\x230\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\x230\appdata\roaming\spotify\spotify.exe => No File
FirewallRules: [{B114774A-7B39-45EF-8735-E8035C005986}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [{29D2F8E4-D192-4D3D-81FF-93042E797EBE}] => (Allow) C:\Program Files (x86)\EA Games\Mirror's Edge\Binaries\MirrorsEdge.exe => No File
FirewallRules: [TCP Query User{571DC747-0993-4AA3-81E3-BB1577D44ED0}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [UDP Query User{DF69058A-BB89-46F3-88A3-BA237EEBFE2E}C:\shblas\the stanley parable\thestanleyparable.exe] => (Allow) C:\shblas\the stanley parable\thestanleyparable.exe => No File
FirewallRules: [TCP Query User{6926388F-33B1-4A75-A3F3-09B6FDD28A86}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [UDP Query User{742D0501-B9E8-4F72-9F31-3D6642D6BA80}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe => No File
FirewallRules: [TCP Query User{F7A4ED5B-EC66-4D6A-B8C6-A437C379C0CB}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [UDP Query User{E776EA13-CD5B-4567-A989-000B8024213C}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe] => (Allow) C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe => No File
FirewallRules: [TCP Query User{BE9C4FB9-B478-41BE-A2E7-75D14CBA68AC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [UDP Query User{5EFFA72D-1D0E-487A-877C-D7E84A91C9BC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe] => (Allow) C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe => No File
FirewallRules: [TCP Query User{B1F7A75F-4DD3-4906-B83C-8C0279CBDDBF}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [UDP Query User{3526D03D-5170-4F3F-B0D5-F45D4C8F82E4}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe] => (Block) C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe => No File
FirewallRules: [TCP Query User{81B50EDD-E6D7-4EB8-9E60-73E748F041F3}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [UDP Query User{7B4B8262-4D71-4952-9B6A-93BBC5E28774}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe] => (Allow) C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe => No File
FirewallRules: [TCP Query User{FAA718BD-FD09-44B4-9A34-2BE76FCE8D83}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [UDP Query User{5CE21945-AE78-49EF-BC42-57F61E406BDB}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe => No File
FirewallRules: [{B89ABDBD-58D8-427E-B957-EE9D4D97CEAC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{BC87CE1B-73B4-480E-AC41-9409C06188E6}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe => No File
FirewallRules: [{2505469A-A7D4-4B8C-9271-BD5CDEE53F17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{E66C95F1-89AF-45EE-A020-5BEF3E48F2C7}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe => No File
FirewallRules: [{38D4D188-FB37-4C51-A055-C2E227A154AC}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{19365D5F-F4E5-4B29-84DB-D2AE7C31C079}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe => No File
FirewallRules: [{9988CA93-7FA3-4F2E-9BF3-124C3DD71437}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [{90120F36-E085-43CF-A1AA-3F48E27D8B67}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe => No File
FirewallRules: [TCP Query User{FEA93739-51B4-46EE-8789-60011B873DFA}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [UDP Query User{D33DC823-F38F-4C1E-8A09-E0639D83F83C}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe] => (Allow) C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe => No File
FirewallRules: [TCP Query User{BD462CF5-7186-421E-B485-0CDF44A6C8C3}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [UDP Query User{462C29D9-2CE0-47C5-83AA-CA1D39EB3C57}C:\shblas\event 0\event 0\event0.exe] => (Allow) C:\shblas\event 0\event 0\event0.exe => No File
FirewallRules: [TCP Query User{3E0781AD-94AC-43EB-980C-4831B5B321D6}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [UDP Query User{5DB858B7-D702-4D02-81FB-DCB467EB4E80}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe] => (Allow) C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe => No File
FirewallRules: [TCP Query User{0CC12F28-BB68-4269-9255-DB11044D6514}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
FirewallRules: [UDP Query User{B8DF18EF-F174-438B-891E-5055DFFB8BE8}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe] => (Allow) C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe => No File
C:\Users\X230\Downloads\uTorrent.exe
C:\Users\X230\Downloads\utweb_installer.exe

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3269600821-496837758-4138566819-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{887ba6e6-1213-11ec-b4c4-2cd05a7fe6a2} => removed successfully
"HKU\S-1-5-21-3269600821-496837758-4138566819-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-3269600821-496837758-4138566819-500\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C846061-65C6-4667-A1EA-B3D56B2340BB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C846061-65C6-4667-A1EA-B3D56B2340BB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C25C2A1-8B52-4A8C-A3F5-CC91069B8FB9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C25C2A1-8B52-4A8C-A3F5-CC91069B8FB9}" => removed successfully
C:\Windows\System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask_UserLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7244790E-DD85-4F0D-9912-91FF836522EA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7244790E-DD85-4F0D-9912-91FF836522EA}" => removed successfully
C:\Windows\System32\Tasks\Trojan Remover => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trojan Remover" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C02C6542-F1E8-4454-AC45-98827C1C3360}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C02C6542-F1E8-4454-AC45-98827C1C3360}" => removed successfully
C:\Windows\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FBFACBC-98F7-4129-8E24-BF2E605DBC6C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FBFACBC-98F7-4129-8E24-BF2E605DBC6C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
C:\Users\X230\AppData\Roaming\~SiMPLEX.ini => moved successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{88B20FC8-EBD6-4181-B5F6-50F45BFF722E} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{B29F5F83-90DF-479A-BDE7-8A9F4412E394} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{D1CE12B0-2529-4B24-BE8E-189735EA0DC1} => removed successfully
HKU\S-1-5-21-3269600821-496837758-4138566819-1001_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\DP45977C.lfl => ":677104FCAA" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk => ":980850BA8A" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk => ":DC8F23BC3A" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk => ":46707D9487" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk => ":F208FC6732" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6E7EE9A2-1C52-464C-9B2F-72239A42F538}C:\users\x230\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7D9D31D0-F22E-4B0B-A347-B0F23FCCD84D}C:\users\x230\appdata\roaming\spotify\spotify.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B114774A-7B39-45EF-8735-E8035C005986}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{29D2F8E4-D192-4D3D-81FF-93042E797EBE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{571DC747-0993-4AA3-81E3-BB1577D44ED0}C:\shblas\the stanley parable\thestanleyparable.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{DF69058A-BB89-46F3-88A3-BA237EEBFE2E}C:\shblas\the stanley parable\thestanleyparable.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6926388F-33B1-4A75-A3F3-09B6FDD28A86}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{742D0501-B9E8-4F72-9F31-3D6642D6BA80}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terraria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F7A4ED5B-EC66-4D6A-B8C6-A437C379C0CB}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E776EA13-CD5B-4567-A989-000B8024213C}C:\shblas\terraria.v1.4.2.3\terraria.v1.4.2.3\terrariaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BE9C4FB9-B478-41BE-A2E7-75D14CBA68AC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5EFFA72D-1D0E-487A-877C-D7E84A91C9BC}C:\program files\dragon.age.origins.ultimate.v2.1.1.5.repack-kaos\bin_ship\daorigins.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B1F7A75F-4DD3-4906-B83C-8C0279CBDDBF}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3526D03D-5170-4F3F-B0D5-F45D4C8F82E4}C:\shblas\the.escapists.2.v1.1.10\theescapists2.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{81B50EDD-E6D7-4EB8-9E60-73E748F041F3}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B4B8262-4D71-4952-9B6A-93BBC5E28774}C:\shblas\the.beginners.guide\the beginner's guide\beginnersguide.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FAA718BD-FD09-44B4-9A34-2BE76FCE8D83}C:\riot games\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5CE21945-AE78-49EF-BC42-57F61E406BDB}C:\riot games\riot client\riotclientservices.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B89ABDBD-58D8-427E-B957-EE9D4D97CEAC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC87CE1B-73B4-480E-AC41-9409C06188E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2505469A-A7D4-4B8C-9271-BD5CDEE53F17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E66C95F1-89AF-45EE-A020-5BEF3E48F2C7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{38D4D188-FB37-4C51-A055-C2E227A154AC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19365D5F-F4E5-4B29-84DB-D2AE7C31C079}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9988CA93-7FA3-4F2E-9BF3-124C3DD71437}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{90120F36-E085-43CF-A1AA-3F48E27D8B67}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{FEA93739-51B4-46EE-8789-60011B873DFA}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D33DC823-F38F-4C1E-8A09-E0639D83F83C}C:\shblas\ultimate.epic.battle.simulator.v1.9\ultimate.epic.battle.simulator.v1.9\uebs.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{BD462CF5-7186-421E-B485-0CDF44A6C8C3}C:\shblas\event 0\event 0\event0.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{462C29D9-2CE0-47C5-83AA-CA1D39EB3C57}C:\shblas\event 0\event 0\event0.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3E0781AD-94AC-43EB-980C-4831B5B321D6}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5DB858B7-D702-4D02-81FB-DCB467EB4E80}C:\shblas\the.long.drive.v14.04.2022\the.long.drive\thelongdrive.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0CC12F28-BB68-4269-9255-DB11044D6514}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B8DF18EF-F174-438B-891E-5055DFFB8BE8}C:\shblas\software.inc.v1.1.22\software.inc.v1.1.22\software inc.exe" => removed successfully
C:\Users\X230\Downloads\uTorrent.exe => moved successfully
"C:\Users\X230\Downloads\utweb_installer.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 170111194 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 316344293 B
Windows/system/drivers => 167751 B
Edge => 0 B
Chrome => 75056884 B
Firefox => 1335155138 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 23318 B
NetworkService => 23318 B
X230 => 20276476 B
Administrator => 130313781 B

RecycleBin => 13348941111 B
EmptyTemp: => 14.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:23:53 ====

Rudy
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - not checked for a long time

#4 Post by Rudy »

Deleted, the log should be OK now.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Lorganification
Visitor
Posts: 10
Joined: 14 Sep 2021 10:34

Re: Preventive check - not checked for a long time

#5 Post by Lorganification »

Thanks a lot! :)

Rudy
Site Admin
Posts: 118195
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check - not checked for a long time

#6 Post by Rudy »

You're welcome! :)

Locked