Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-08-2023
Ran by YMER (administrator) on DESKTOP-00MKO9B (Gigabyte Technology Co., Ltd. P55-UD3L) (01-08-2023 16:15:03)
Running from E:\YMER\Desktop\FRST64.exe
Loaded Profiles: YMER
Platform: Microsoft Windows 10 Education Version 22H2 19045.3208 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 9\activation-service.exe
(services.exe ->) (SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [220056 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83524968 2019-11-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40412984 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4268456 2022-01-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\Run: [MicrosoftEdgeAutoLaunch_10DB1ECA466CE52BE5DB10F17A215C31] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088256 2023-07-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\PDF Architect 9 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\brand_solution_name_pdfpmon_v.6.23.0.2.dll [974120 2023-06-22] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.110\Installer\chrmstp.exe [2023-07-28] (Google LLC -> Google LLC)
Startup: C:\Users\YMER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gopher.exe [2020-01-07] () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {6A4B032B-EA36-468A-9BFF-BFAE92D11793} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4940696 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
Task: {79D688C3-C226-4A6E-9C5A-82BB92E210C6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2135448 2023-04-13] (Avast Software s.r.o. -> Avast Software)
Task: {DA08F8FF-76B5-4031-B58F-C974258C361B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7FCC18A7-D498-42C4-A959-0FC2F6083557} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "96040b41-2c07-4b8f-b7cc-a967427de4e0" --version "6.11.10455" --silent
Task: {00E92E1E-2BD2-4EA7-905B-AEBDCD9AF8F2} - System32\Tasks\CCleanerSkipUAC - YMER => C:\Program Files\CCleaner\CCleaner.exe [34159416 2023-04-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B3257AAF-7132-47C0-B867-B6C846817EB2} - System32\Tasks\GoogleUpdateTaskMachineCore{240D4983-72A0-4CD1-A9C8-82A06A19CBFC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {8393C929-E06C-4580-A831-2997E0127570} - System32\Tasks\GoogleUpdateTaskMachineUA{6059593D-6214-4C8A-8C10-A45CB851E1ED} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-14] (Google Inc -> Google Inc.)
Task: {A31E0422-AE8C-4A3E-8D0E-3C2E147358E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {72269900-38AC-424A-A4C5-D240FD6A71F0} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE287196-5399-4B11-B186-3251014985CB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [1992936 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {3ACCC9F8-B9D3-4120-8B9D-9AEA1940A74A} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [39664 2018-07-19] (Microsoft Corporation -> Microsoft)
Task: {BA275E91-D49A-4015-8201-246518447F57} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2558224 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {EBD9B64B-B57D-4380-852D-5A60FC817FEF} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1919760 2018-07-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {1E9F1062-9509-4BEA-8E6A-5384682DD521} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-27] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {6D21C27E-E285-45A5-82EF-B2DAA7AE1611} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification => C:\Program Files\PDF Architect 9\architect-launcher.exe [2294720 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
Task: {3D9CB592-8CAC-48CE-BE4E-757E6869559A} - System32\Tasks\pdfforge GmbH\PDF Architect 9\App Notification Logon => C:\Program Files\PDF Architect 9\architect-launcher.exe [2294720 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
Task: {EBB20837-E095-47BD-A732-A8B54A5DB02B} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Installer updater => C:\ProgramData\PDF Architect 9\Installation\PDF_Architect_9_Installer.exe [13910968 2023-06-22] (pdfforge GmbH -> pdfforge GmbH.)
Task: {139DFDD1-0C57-4AA8-BF93-017A8778567C} - System32\Tasks\pdfforge GmbH\PDF Architect 9\Update => C:\Program Files\PDF Architect 9\architect.exe [3457984 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{478239f2-453d-4703-baba-54bc56621812}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{73d61a7e-d77a-48d7-ab39-328ff848f1b5}: [DhcpNameServer] 192.168.164.46
Tcpip\..\Interfaces\{befebb7f-74f7-44af-93c9-456282bae772}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Profile: C:\Users\YMER\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-19]
Edge Extension: (Edge relevant text changes) - C:\Users\YMER\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-07]
FireFox:
========
FF DefaultProfile: orxdtu8e.default-1544966886308
FF ProfilePath: C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 [2023-08-01]
FF Notifications: Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308 -> hxxps://isport.blesk.cz; hxxps://drive.google.com; hxxps://www.heureka.cz; hxxps://top-fight.cz; hxxps://www.sportega.cz
FF Extension: (Cheers – Bold) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\cheers-bold-colorway@mozilla.org.xpi [2023-03-19]
FF Extension: (OneTab) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\extension@one-tab.com.xpi [2023-07-25]
FF Extension: (Blue Mozilla Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2019-06-04]
FF Extension: (have a fox dream) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{3f1aff6b-0363-410f-b81b-9a286ffb4b10}.xpi [2019-05-13]
FF Extension: (Beach) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{7668c7ca-266d-42af-8bb0-fff91d127aaf}.xpi [2019-05-14]
FF Extension: (Mozilla: Firefox OS) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2019-07-12]
FF Extension: (esafox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-06-02]
FF Extension: (Complete Black Theme for Firefox) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{c161a71c-fb42-4608-b001-5634b3f59a8b}.xpi [2019-06-04]
FF Extension: (No Name) - C:\Users\YMER\AppData\Roaming\Mozilla\Firefox\Profiles\orxdtu8e.default-1544966886308\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-22] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-22] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-07-26]
CHR Notifications: Profile 1 -> hxxps://andalbrighth.pro
CHR Extension: (Dokumenty Google offline) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\YMER\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8892824 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [578968 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2091928 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [579992 2023-07-11] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; E:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 FoxitReaderUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT PDF READER\FoxitPDFReaderUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
S3 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (ManyCam -> Visicom Media Inc.)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
R3 PDF Architect 9; C:\Program Files\PDF Architect 9\activation-service.exe [3182016 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Creator; C:\Program Files\PDF Architect 9\creator-ws.exe [508864 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 9 Update Service; C:\Program Files\PDF Architect 9\update-service.exe [414144 2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402216 2023-06-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-05-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665240 2019-02-26] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [118088 2019-04-20] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [31368 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [237424 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [392832 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [297832 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [95960 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [39600 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [272016 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [556576 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [105248 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [80416 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [943456 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [704264 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [212632 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319512 2023-07-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2019-06-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 etdrv; C:\Windows\etdrv.sys [25640 2018-07-27] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2018-11-07] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2018-07-27] (GIGA-BYTE TECHNOLOGY CO., LTD -> )
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331328 2013-08-01] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-05-24] (Martin Malik - REALiX -> REALiX(tm))
R3 ManyCam; C:\WINDOWS\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (ManyCam -> Visicom Media Inc.)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2023-07-26] (Malwarebytes Corporation -> Malwarebytes)
R3 mcaudrv_simple; C:\WINDOWS\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2018-10-01] (NewSoftwares.net Inc. SDN. BHD. -> )
S3 OSFMount; C:\Program Files (x86)\Counter-Strike Global Offensive\image\x64\OSFMount.sys [552888 2013-10-18] (PassMark Software Pty Ltd -> PassMark Software)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-07-27 22:11 - 2023-07-28 09:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-07-13 10:18 - 2023-07-13 10:18 - 000000000 ___HD C:\$WinREAgent
2023-07-11 20:15 - 2023-07-11 20:15 - 000313240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-08-01 16:16 - 2018-12-16 15:50 - 000000000 ____D C:\FRST
2023-08-01 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-01 15:53 - 2021-12-17 23:35 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-01 15:53 - 2018-05-14 20:38 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-01 15:35 - 2023-05-12 18:38 - 000003046 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-01 15:35 - 2023-05-12 18:38 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - YMER
2023-08-01 15:35 - 2023-05-12 18:38 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-01 15:35 - 2023-04-08 10:34 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6059593D-6214-4C8A-8C10-A45CB851E1ED}
2023-08-01 15:35 - 2023-04-08 10:34 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{240D4983-72A0-4CD1-A9C8-82A06A19CBFC}
2023-08-01 15:35 - 2023-01-27 11:58 - 000003644 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{1CA08CAA-9BE8-425E-8728-F74B2AEBAE39}
2023-08-01 15:35 - 2023-01-27 11:58 - 000003420 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{D08F0864-C715-4123-8761-7633BE474B0E}
2023-08-01 15:35 - 2020-12-07 18:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-01 15:35 - 2020-12-07 18:15 - 000002896 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe
2023-08-01 15:35 - 2020-12-07 18:15 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2023-08-01 15:35 - 2020-12-07 18:15 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2023-08-01 15:35 - 2020-12-07 18:15 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2023-08-01 15:35 - 2020-12-07 18:15 - 000002374 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2023-08-01 15:35 - 2020-12-07 18:15 - 000002370 _____ C:\WINDOWS\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2023-08-01 15:34 - 2020-12-07 18:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2023-08-01 15:04 - 2020-12-07 18:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-01 14:32 - 2019-10-26 18:51 - 000000000 ____D C:\Program Files\CCleaner
2023-08-01 14:30 - 2022-02-11 23:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-01 14:29 - 2023-06-22 11:10 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-08-01 14:29 - 2018-05-12 18:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-07-31 14:53 - 2018-07-19 15:53 - 000000000 ____D C:\Users\YMER\AppData\Local\AVAST Software
2023-07-30 18:54 - 2018-06-14 07:31 - 000000000 ____D C:\Users\YMER\AppData\Local\CrashDumps
2023-07-29 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-07-29 09:57 - 2020-12-07 18:08 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-07-29 09:57 - 2020-12-07 18:08 - 000002277 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-07-29 09:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-07-28 19:35 - 2018-05-14 20:38 - 000002304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-07-28 09:08 - 2018-12-16 15:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-07-28 09:08 - 2018-12-16 13:56 - 000001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-07-26 22:29 - 2021-01-31 13:42 - 000000000 ____D C:\Users\YMER\AppData\Roaming\vlc
2023-07-26 22:26 - 2021-02-07 18:28 - 000035328 _____ C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-07-26 22:26 - 2020-02-12 16:18 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-07-26 09:42 - 2018-05-12 18:21 - 000000000 ____D C:\Users\YMER\AppData\Local\Packages
2023-07-17 22:15 - 2020-12-07 18:09 - 000000000 ____D C:\Users\YMER
2023-07-17 14:55 - 2020-12-07 18:17 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-07-17 14:55 - 2019-12-07 16:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2023-07-17 14:55 - 2019-12-07 16:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2023-07-17 14:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-07-17 14:48 - 2020-12-07 18:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-07-17 14:48 - 2020-12-07 18:04 - 000008192 ___SH C:\DumpStack.log.tmp
2023-07-13 23:52 - 2020-12-07 18:04 - 001731600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-07-13 23:52 - 2018-05-12 23:24 - 000000000 ____D C:\ProgramData\AVAST Software
2023-07-13 23:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-07-13 23:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-13 23:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-07-13 23:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-07-13 23:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-13 23:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-07-13 10:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-07-12 19:08 - 2018-05-12 19:15 - 000416104 __RSH C:\bootmgr
2023-07-12 09:57 - 2018-05-12 22:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-07-12 09:50 - 2018-05-12 22:25 - 173351160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-07-11 20:15 - 2020-12-07 18:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2023-07-11 20:15 - 2020-10-22 18:10 - 000272016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2023-07-11 20:15 - 2020-08-11 18:22 - 000556576 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2023-07-11 20:15 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-07-11 20:15 - 2019-01-14 23:51 - 000392832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2023-07-11 20:15 - 2019-01-08 17:06 - 000297832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2023-07-11 20:15 - 2019-01-08 17:06 - 000095960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2023-07-11 20:15 - 2019-01-08 17:06 - 000031368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2023-07-11 20:15 - 2018-10-24 08:46 - 000039600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000943456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000704264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000319512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000237424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000105248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2023-07-11 20:15 - 2018-05-12 23:25 - 000080416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2023-07-03 19:32 - 2023-06-22 11:10 - 000000000 ____D C:\Users\YMER\AppData\Roaming\PDF Architect 9
==================== Files in the root of some directories ========
2022-10-20 21:29 - 2022-10-20 21:27 - 000634880 _____ (Steppschuh) C:\Program Files (x86)\SleepTimer.exe
2021-01-31 19:43 - 2021-01-31 19:43 - 000000012 _____ () C:\Users\YMER\AppData\Roaming\57194d7fac3eeb8711f0ca1082e7e000
2019-10-20 22:15 - 2023-01-06 16:28 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát BMP CS5 – předvolby
2018-05-28 23:58 - 2023-01-05 21:06 - 000000132 _____ () C:\Users\YMER\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2019-03-30 23:49 - 2019-03-30 23:53 - 000002971 _____ () C:\Users\YMER\AppData\Roaming\downloads.json
2018-11-05 16:33 - 2018-11-05 16:33 - 000001013 _____ () C:\Users\YMER\AppData\Roaming\pictur.jpeg
2020-12-07 21:51 - 2020-12-07 22:30 - 000000013 _____ () C:\Users\YMER\AppData\Roaming\WinSys32.crc
2021-02-07 18:28 - 2023-07-26 22:26 - 000035328 _____ () C:\Users\YMER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-25 17:33 - 2019-12-25 17:33 - 000000001 _____ () C:\Users\YMER\AppData\Local\llftool.4.40.agreement
2018-05-12 20:18 - 2018-05-12 20:18 - 000000017 _____ () C:\Users\YMER\AppData\Local\resmon.resmoncfg
2018-10-01 08:44 - 2019-02-25 07:14 - 000000700 ___SH () C:\Users\YMER\AppData\Local\systemFL7.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-08-2023
Ran by YMER (01-08-2023 16:17:49)
Running from E:\YMER\Desktop
Microsoft Windows 10 Education Version 22H2 19045.3208 (X64) (2020-12-07 16:16:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-169180647-2445698039-3035944160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-169180647-2445698039-3035944160-503 - Limited - Disabled)
Guest (S-1-5-21-169180647-2445698039-3035944160-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-169180647-2445698039-3035944160-504 - Limited - Disabled)
YMER (S-1-5-21-169180647-2445698039-3035944160-1001 - Administrator - Enabled) => C:\Users\YMER
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Age of Empires II Definitive Edition (HKLM-x32\...\Age of Empires II Definitive Edition_is1) (Version: - )
Age of Empires: Definitive Edition [FULL REMOVAL] (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\{1F36588A-148D-4BED-AD83-12C63E1F780E}_is1) (Version: 1.3.5101.2 - Microsoft Studios)
Audacity 3.1.0 (HKLM\...\Audacity_is1) (Version: 3.1.0 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.6.6070 - Avast Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.11 - Piriform)
CoffeeCup HTML Editor (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\CoffeeCup HTML Editor) (Version: - CoffeeCup Software, Inc)
Divinity: Original Sin Enhanced Edition (2.0.119.430_(hotfix)) (HKLM-x32\...\1445516929_is1) (Version: 0.1.1.310 - GOG.com)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFmpeg v2.2.2 for Audacity - 64bit (HKLM\...\FFmpeg for Audacity_is1) (Version: - )
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.58.64628 - Electronic Arts)
Flvto Youtube Downloader (HKLM-x32\...\Flvto Youtube Downloader) (Version: 1.3.1 - Hotger)
Foxit PDF Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 12.0.1.12430 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Fury Unleashed (HKLM-x32\...\1559572798_is1) (Version: 1.9.0.2 - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 115.0.5790.110 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto V Update v1.36 (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Icecream Screen Recorder verze 5.30 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 5.30 - Icecream Apps)
Intel(R) Update Manager (HKLM-x32\...\{AA8BC571-E96E-4478-927F-CB44CC7D7D07}) (Version: 3.5.2247 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.5.2.400 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Metro 2033 - Redux (HKLM-x32\...\Metro 2033 - Redux_is1) (Version: 1.0.0.7 - Deep Silver)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.188 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 10.4.137.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.13.26020 (HKLM\...\{C5ECDB9A-D9B0-3107-BA85-1269998A5B3E}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.13.26020 (HKLM\...\{221D6DB4-46E2-333C-B09B-5F49351D0980}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.13.26020 (HKLM-x32\...\{895D5198-C5DB-375E-86AB-133F4DAA9FE2}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.13.26020 (HKLM-x32\...\{8F271F6C-6E7B-3D0A-951B-6E7B694D78BD}) (Version: 14.13.26020 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.12.2 + Titan Launcher 3.7.0 (HKLM-x32\...\Minecraft 1.12.2 + Titan Launcher 3.7.0 1.12.2) (Version: 1.12.2 - Mojang)
Mortal Kombat XL (HKLM-x32\...\Mortal Kombat XL_is1) (Version: - )
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 115.0.3 (x64 cs)) (Version: 115.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
MSVCRT Redists (HKLM\...\{FECC0640-1A27-11E7-981A-C2A106E0D44C}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
PDF Architect 9 (HKLM-x32\...\PDF Architect 9) (Version: 9.0.42.2866 - pdfforge GmbH)
PDF Architect 9 Edit Module (HKLM\...\{8371AFFC-F4CA-4792-8FEC-14821FF9B84A}) (Version: 9.0.43.20940 - pdfforge GmbH) Hidden
PDF Architect 9 OCR Module (HKLM\...\{A132D533-5230-4631-8206-0FF01B13707B}) (Version: 9.0.43.20940 - pdfforge GmbH) Hidden
PDF Architect 9 OCR TESS Module (HKLM\...\{A6EF8672-C3F3-4BAA-B661-8C43AEB55A5B}) (Version: 9.0.43.20940 - pdfforge GmbH) Hidden
PDF Architect 9 View Module (HKLM\...\{B053D38A-2928-4095-B31A-1D2CDB21E9C6}) (Version: 9.0.43.20940 - pdfforge GmbH) Hidden
qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.65.0 - Samsung Electronics Co., Ltd.)
Skype verze 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.18533 - TeamViewer)
TP-Link TL-WN881ND Driver (HKLM-x32\...\{5656127B-0110-4450-9CBD-643E760F152D}) (Version: 2.1.0 - TP-Link)
Ulož.to FileManager 2.78 (64-bit) (HKLM\...\3f2e2cd28b0e4e4396c2402fbc85a0f0_is1) (Version: 2.78 - Uloz.to cloud a.s.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{0BAA0A93-3AD3-4B19-9105-4C8C3FA92A83}) (Version: 2.67.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{F7773180-1A27-11E7-864D-C2A106E0D44C}) (Version: 14.0.252 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WebM Project Directshow Filters (HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows KMS Activator Ultimate 2019 4.5 (HKLM\...\Windows KMS Activator Ultimate 2019 4.5_is1) (Version: 4.5 - )
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 18.3.1 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 18.3.1 - WinTools Software Engineering, Ltd.)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.2.173.0_x64__rz1tebttyb220 [2021-09-07] (Dolby Laboratories)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_30.1604.3938.0_x86__8xx8rvfyw5nnt [2018-07-05] (Instagram)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1805.2.0_x86__8wekyb3d8bbwe [2018-05-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-12-07] (Microsoft Corporation) [MS Ad]
MPEG2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.6.0_x64__8wekyb3d8bbwe [2018-08-21] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-07-11] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-07-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-07-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDFArchitect8_ManagerExt] -> {EC981B88-4DFE-457D-B623-09D6C0E3EE6C} => C:\Program Files\PDF Architect 9\context-menu.dll [2023-04-27] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-07-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2023-07-11] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2017-12-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\YMER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2018-08-12 15:01 - 2018-05-01 11:10 - 001677824 _____ (Igor Pavlov) [File not signed] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\7z.dll
2021-02-08 19:14 - 2021-02-08 19:14 - 000007168 _____ (painter) [File not signed] C:\WINDOWS\System32\painter_x64.dll
2018-08-12 15:01 - 2018-01-18 16:15 - 000024576 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qgif.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000031232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qicns.dll
2018-08-12 15:01 - 2018-01-18 16:15 - 000025088 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2018-08-12 15:01 - 2018-01-18 16:15 - 000242688 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qjpeg.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000018944 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtga.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000318976 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qtiff.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000017920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwbmp.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qwebp.dll
2018-08-12 15:01 - 2018-01-18 16:15 - 000993792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-08-12 15:01 - 2018-05-09 09:35 - 004809728 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-08-12 15:01 - 2018-01-18 16:12 - 005100032 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-08-12 15:01 - 2018-01-18 16:10 - 002012672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-08-12 15:01 - 2018-01-18 16:18 - 002522112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-08-12 15:01 - 2018-01-18 16:20 - 002570752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-08-12 15:01 - 2018-01-18 16:16 - 000247808 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-08-12 15:01 - 2018-01-18 16:14 - 004482048 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-08-12 15:01 - 2018-01-18 16:24 - 000206336 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2018-08-12 15:01 - 2018-01-18 16:22 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2018-08-12 15:01 - 2018-01-18 16:22 - 000013824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2018-08-12 15:01 - 2018-01-18 16:27 - 000698368 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-08-12 15:01 - 2018-01-18 16:27 - 000173056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2018-08-12 15:01 - 2018-01-18 16:26 - 000069632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-08-12 15:01 - 2018-01-18 16:27 - 000097280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2018-08-12 15:01 - 2018-01-18 16:22 - 000013312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-30] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2020-03-11 07:56 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\Control Panel\Desktop\\Wallpaper -> E:\YMER\Downloads\1409751.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "ccleaner_update_helper"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrace produktu.lnk"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\StartupFolder: => "Gopher.exe"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "WinFLTray"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "FLBackup"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "YouTubeToMP3"
HKU\S-1-5-21-169180647-2445698039-3035944160-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_10DB1ECA466CE52BE5DB10F17A215C31"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{398F405A-F814-4CDD-8AD1-96F136DAB69C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{62203F0C-EE89-426E-895B-1A987CB5F00F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{3DA89DD6-544A-439C-9AFF-0C0BE9CE66E3}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{88747454-D2D3-4CF9-85CA-C687627D8C56}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{01D36A21-E266-4A8A-A138-7F4E391E8469}C:\hry\metro 2033 - redux\metro.exe] => (Block) C:\hry\metro 2033 - redux\metro.exe (Koch Media GmbH -> 4A Games) [File not signed]
FirewallRules: [TCP Query User{D1B5CF7B-D0E6-4BCF-B501-645633A6DEA6}C:\hry\metro 2033 - redux\metro.exe] => (Block) C:\hry\metro 2033 - redux\metro.exe (Koch Media GmbH -> 4A Games) [File not signed]
FirewallRules: [{CA33303E-1CE0-4466-B74F-C22CF734136E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{373CA053-3B78-48DB-A28D-83287D9618FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [UDP Query User{E9EEC67E-ED21-44B1-A6D3-AB4520E657DB}E:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Block) E:\games\age of empires ii definitive edition\battleserver\battleserver.exe () [File not signed]
FirewallRules: [TCP Query User{7E0B122D-2338-47F3-936B-A802E3E3D3E3}E:\games\age of empires ii definitive edition\battleserver\battleserver.exe] => (Block) E:\games\age of empires ii definitive edition\battleserver\battleserver.exe () [File not signed]
FirewallRules: [UDP Query User{3B0A6811-2943-494E-9278-73D3190D6D81}E:\games\age of empires ii definitive edition\aoe2de_s.exe] => (Block) E:\games\age of empires ii definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{568AEFE4-93E6-48BB-BDAF-D268C352FDEE}E:\games\age of empires ii definitive edition\aoe2de_s.exe] => (Block) E:\games\age of empires ii definitive edition\aoe2de_s.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{284E3D5E-9C40-497A-AE2A-D5889E7290B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5118F53E-6720-45FC-9444-33828FA8FB83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{EF84E1E3-0739-4BDE-8FB0-7ECC94D9B749}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [TCP Query User{8983D30F-A5E6-42B7-ADA3-4714015F7458}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{3507F5D6-FF1A-471D-BB6B-678274798063}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{BFFF315B-2860-445E-8092-B7BA3603E414}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{543F9592-C384-4683-991F-DB3ADAF53075}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{192F9CFB-72A4-43C4-83F8-9BE7CCE9D8AC}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39E80BF1-4733-4485-A038-0F1DD1DF5314}] => (Allow) C:\Windows\system32\hasplms.exe (SafeNet, Inc. -> SafeNet Inc.)
FirewallRules: [UDP Query User{F41A292A-E85A-4AD1-8E1F-D78A9C2ECD98}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [TCP Query User{820311FB-A5B6-4329-9C95-20EC0DEA16FF}C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\games\divinity - original sin enhanced edition\shipping\eocapp.exe () [File not signed]
FirewallRules: [{7D383B14-0B8A-49B4-AD08-521E3C8B872F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FD978F39-CB2D-4BAA-8E9A-4262DA6F4825}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{872ECFA6-2368-46F3-95DA-6CAC8A5102AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E173D714-A66D-408E-923D-6FA2841C2FCC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C7452D39-903B-4898-83D7-9397CD15AF59}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37BDB13B-2DD9-4B63-9A53-E7272750605E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E3D70879-BE59-4DA1-A415-00AA1111EFAD}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{1B473C89-987B-4CFC-8FAE-CC37A37E156D}C:\program files (x86)\fifa19\fifa19.exe] => (Block) C:\program files (x86)\fifa19\fifa19.exe (Electronic Arts) [File not signed]
FirewallRules: [{D377EB3B-A0D9-44DC-8B5D-05AD8B64A629}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{2FF1CA7F-544A-48E2-84A3-BD453E05EA30}] => (Allow) C:\Program Files (x86)\FIFA19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{8CA790C4-1511-4D12-B644-39EF1FA6CBC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F7AC80EB-9BEE-4AC6-B595-10C35778C6DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0571D62C-24D6-415C-AE9D-434F041AB26A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{075EFF2E-0864-4F96-9260-4D494470675E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BDBE58D0-9D03-4302-9205-CA498D8F30D4}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{8BE7BDBE-961F-424F-B862-D02B04DD896B}] => (Allow) E:\Games\Grand Theft Auto V\GTA5.exe (Rockstar Games) [File not signed]
FirewallRules: [{E8724A30-F49C-4523-B27F-C5EE2DB8D87C}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{E0E98292-19D0-4908-A1E6-85D174BD5CB8}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [UDP Query User{09799398-045D-4372-90AF-B687258EF541}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [TCP Query User{FB600992-DB5B-4089-B1D1-F5E3B5628ECF}E:\games\mortal kombat xl\binaries\retail\mk10.exe] => (Block) E:\games\mortal kombat xl\binaries\retail\mk10.exe (WARNER BROS. ENTERTAINMENT INC. -> )
FirewallRules: [{81E73763-65A6-4728-90D2-FA284683CB41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E74BCD0-1DDC-4A02-94C0-248432757734}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A3150674-1406-4D89-9927-25DDEB5459BD}] => (Allow) LPort=57209
FirewallRules: [{BCA549EF-F9E9-4106-A480-E2834D34F9BD}] => (Allow) LPort=57209
FirewallRules: [TCP Query User{35C35E8E-13BF-461B-8DC8-97D1B7F944A7}C:\users\ymer\appdata\roaming\dvdfab downloader\youtubetomp3\youtubetomp3service.exe] => (Allow) C:\users\ymer\appdata\roaming\dvdfab downloader\youtubetomp3\youtubetomp3service.exe (DVDFab Software Inc. -> )
FirewallRules: [UDP Query User{C3EEDFF5-33F4-4CC8-AA7A-3A9F8EAA355F}C:\users\ymer\appdata\roaming\dvdfab downloader\youtubetomp3\youtubetomp3service.exe] => (Allow) C:\users\ymer\appdata\roaming\dvdfab downloader\youtubetomp3\youtubetomp3service.exe (DVDFab Software Inc. -> )
FirewallRules: [{C858B2AE-D384-4E36-B34C-161CC0CC8293}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E4D17307-1C99-4492-82CE-20F4A5588F92}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{4F58140F-3521-468C-9DB8-2E2F3CE51278}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{D363B180-C6D0-44C2-9C7C-49754FD4892D}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{3096A815-2870-48F1-9FA9-D7E82AB0430D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FBD7B9AE-92EC-4B1F-A871-A6F7E8A78624}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.188\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-07-2023 12:41:03 Instalační služba modulů systému Windows
21-07-2023 20:06:20 Naplánovaný kontrolní bod
31-07-2023 21:31:59 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Description: Neznámé zařízení USB (požadavek popisovače zařízení selhal)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
Name: Alcor Micro USB 2.0 Card Reader
Description: Alcor Micro USB 2.0 Card Reader
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Alcor Micro, Corp.
Service: AmUStor
Problem: : Windows cannot use this hardware device because it has been prepared for safe removal, but it has not been removed from the computer. (Code 47)
Resolution: Unplug the device, and then plug it in again. Alternately, restart the computer to make the device available.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/30/2023 06:54:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x104c
Čas spuštění chybující aplikace: 0x01d9c30678f9e9e6
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 58b27555-9d7c-4efb-abbe-4715f35ff3ee
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x2a7c
Čas spuštění chybující aplikace: 0x01d9c306788816e5
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c11bc452-bbad-4577-bc3f-81b1d4e2939f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x20d0
Čas spuštění chybující aplikace: 0x01d9c3067818f25b
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d2cdebe4-793d-49c1-a077-275ce8813ee5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x282c
Čas spuštění chybující aplikace: 0x01d9c30677a6ea7c
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e7ed99a9-7480-42dc-91a0-c05201c61205
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0xbdc
Čas spuštění chybující aplikace: 0x01d9c30677328542
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 880c66ea-560c-40b8-9013-2164b7e5cb86
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x101c
Čas spuštění chybující aplikace: 0x01d9c30676c481fa
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d1a5c7c3-65a2-4ec4-99c6-e61a03942eaf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x6ac
Čas spuštění chybující aplikace: 0x01d9c30676543828
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 75061bc3-0673-4ebf-8496-e3a9edde52ea
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/30/2023 06:54:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xf25621f0
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.3155, časové razítko: 0xbf300201
Kód výjimky: 0xc06d007e
Posun chyby: 0x000000000002cf19
ID chybujícího procesu: 0x1264
Čas spuštění chybující aplikace: 0x01d9c30675e85c11
Cesta k chybující aplikaci: C:\WINDOWS\system32\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c24ab0f4-bcd4-4525-97a5-90918dc650f3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/17/2023 02:48:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:44:01, 16.07.2023) bylo neočekávané.
Error: (06/23/2023 08:39:08 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe!App.AppXrfdt3p0f38tc4nxz7ajrd5as6ctb0dck.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/22/2023 09:44:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/22/2023 09:44:44 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/05/2023 11:42:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/05/2023 11:42:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/28/2023 09:48:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server Microsoft.XboxGamingOverlay_2.34.28001.0_x64__8wekyb3d8bbwe!App.AppXrfdt3p0f38tc4nxz7ajrd5as6ctb0dck.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/27/2023 10:08:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-00MKO9B)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
CodeIntegrity:
===============
Date: 2023-08-01 14:32:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FI 11/01/2010
Motherboard: Gigabyte Technology Co., Ltd. P55-UD3L
Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage of memory in use: 50%
Total physical RAM: 8183.49 MB
Available physical RAM: 4013.16 MB
Total Virtual: 9463.49 MB
Available Virtual: 3422.99 MB
==================== Drives ================================
Drive c: (SSD) (Fixed) (Total:223.05 GB) (Free:47.69 GB) (Model: WDC WDS240G2G0A-00JH30 ATA Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (HDD) (Fixed) (Total:931.41 GB) (Free:313.96 GB) (Model: SAMSUNG HD103SJ ATA Device) NTFS
\\?\Volume{0201e900-0000-0000-0000-20c337000000}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0201E900)
Partition 1: (Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=539 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 7F2C3E95)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Přispějete na provoz fóra?