PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Please check my log.

Having trouble with a virus? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Please check my log.

#1 Post by azareth »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Azareth (administrator) on AZARETH-PC (LENOVO 20091) (27-10-2023 19:19:44)
Running from C:\Users\Azareth\Desktop\FRST64 (1).exe
Loaded Profiles: Azareth
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\fsnotifier.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe ->) (Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe <3>
(C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\helper\helper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <5>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <55>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\regedit.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VirtualBox.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\VirtualBox\VBoxSVC.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2022-12-19] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Azareth\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [utweb] => C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe [6418944 2023-08-06] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-01-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-28] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {923317A8-2671-4B9A-8081-65CBC53C8EB4} - System32\Tasks\{53B35AF0-6B3A-4A0A-BBB3-97A8DE7CFD65} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {3F64947B-0BFC-4249-8F30-4A4D2AE60BEF} - System32\Tasks\{90CD3027-AF77-49E0-9F3A-AD9891C3106C} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {18987115-B4F6-4055-80CE-47DBFF185A32} - System32\Tasks\{C966908C-75CA-4106-92A2-F79AA11CA6A1} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe" -d "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)"
Task: {42CCA8EE-2276-4ADC-8291-ADCD1FD8A02B} - System32\Tasks\{DA1F993B-7319-461F-9278-B9D8AB7812A7} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe" -d F:\Office -c C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe /silent /permachine /silent /childprocess /cusid:S-1-5-21-1201691987-3798675826-3542024472-1000
Task: {27E9919E-F8BB-41C1-9135-683FAE6AF2B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6649E94D-1A19-4322-9EAF-C72C6E83F7D9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C4A2D2B9-1433-4075-A2A6-3A768876FD06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {BEDFC920-770E-437F-8F70-86088733828F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {687E0CF6-F8FC-4078-A71F-F1C2F9569251} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2FDAEBD1-A20F-4E82-8071-6B36A9FBFAEB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {AE0EEFD8-37C2-4324-A5D1-6B69707EBDC4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0947491-92A9-43AD-A3D0-647EE26906B9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e12937ae-5955-4604-a50e-a3518a5b1f27" --version "6.17.10746" --silent
Task: {6A4A364E-2141-4984-9051-CD3DB89974B7} - System32\Tasks\CCleanerSkipUAC - Azareth => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5527D957-AE4A-43E8-A770-2CA166124586} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B0D29E00-7FE3-45C3-A026-DC0DB6C9D3F1} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {F0909D45-F39D-4EC9-8184-C4EF1B137CE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC5E0655-A474-4152-8FB8-C6C1BF377C68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {949170DE-A988-4FA5-8517-D093D1D4E715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB78676-5E61-45FE-8D86-A668242536B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F9C67D-BA7B-4137-AB30-AFA0F1A6B70B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6243AE14-B145-4E7A-96AA-B78E5E77D444} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {93548985-FF8C-4C36-A395-088E1B30D8BC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [File not signed]
Task: {5D5501B6-99BD-46B6-9E9D-C9733642A16F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E496C2CC-8100-438D-9FF4-305B94A79E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6570DB5-E2BE-4C5E-AA47-A2FD4CF1F8B0} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Azareth\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3848744 2023-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34366116-F5B1-4C10-BD07-58ADB2E7ADEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A174470-37C1-4EC3-915D-8E49BB9E88E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {808F8A44-EC3C-4BD3-BC62-7546DC571CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDE6BFF-F762-4AEE-B3A3-1925C8751B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {041946D5-DA89-49A5-AD2F-EEF631429721} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A1BD23-864B-44DE-9E12-5D4DBEEA299A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80B9B50A-1D2B-44F2-9D05-C91080F59169} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\Azareth\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-07]

FireFox:
========
FF DefaultProfile: 9ckfsfhp.default
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\9ckfsfhp.default [2023-10-21]
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release [2023-10-22]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release\Extensions\sp@avast.com.xpi [2020-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default [2023-10-27]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (FormApps Extension) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Azareth\AppData\Roaming\Opera Software\Opera Stable [2023-10-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.12.0\ASmartService.exe [2551544 2020-08-02] (Ariolic Software Ltd -> Ariolic Software, Ltd. (hxxp://www.ariolic.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2022-12-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2022-12-19] (ESET, spol. s r.o. -> ESET)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-09-04] (Oracle Corporation -> Oracle Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2020-04-28] (DT Soft Ltd -> DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [198416 2022-12-19] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119904 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [237208 2022-12-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [55392 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [81696 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [66768 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [122504 2022-12-19] (ESET, spol. s r.o. -> ESET)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [67536 2023-07-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2020-04-28] () [File not signed] [File is in use]
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [238352 2020-09-04] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [247744 2020-09-04] (Oracle Corporation -> Oracle Corporation)
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74048 2020-08-04] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U3 a59624zp; C:\Windows\System32\Drivers\a59624zp.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
S3 cpuz157; \??\C:\Windows\temp\cpuz157\cpuz157_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-27 19:19 - 2023-10-27 19:21 - 000029410 _____ C:\Users\Azareth\Desktop\FRST.txt
2023-10-27 18:56 - 2023-10-27 18:56 - 000000000 ____D C:\Users\Azareth\VirtualBox VMs
2023-10-27 18:55 - 2023-10-27 18:55 - 000000000 ____D C:\ProgramData\VirtualBox
2023-10-27 18:54 - 2023-10-27 18:54 - 000001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2023-10-27 18:54 - 2023-10-27 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2023-10-27 18:54 - 2023-10-27 18:54 - 000000000 ____D C:\Program Files\Oracle
2023-10-27 18:54 - 2020-09-04 03:38 - 001033680 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2023-10-27 18:54 - 2020-09-04 03:38 - 000187456 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2023-10-27 18:51 - 2023-10-27 19:02 - 4194304000 _____ C:\Users\Azareth\Downloads\kali-linux-2023.3-installer-amd64.iso
2023-10-27 18:50 - 2023-10-27 18:50 - 110896736 _____ (Oracle and/or its affiliates) C:\Users\Azareth\Downloads\VirtualBox-7.0.12-159484-Win.exe
2023-10-24 13:40 - 2023-10-24 13:40 - 000000000 ____D C:\Users\Azareth\AppData\Local\DESlock+
2023-10-23 14:48 - 2023-10-23 14:48 - 000000000 ____D C:\Users\Azareth\AppData\Local\ESET
2023-10-23 14:15 - 2023-10-23 14:15 - 000001943 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2023-10-23 14:11 - 2023-10-24 13:40 - 000000000 ____D C:\Program Files\ESET
2023-10-23 14:11 - 2023-10-23 14:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2023-10-23 14:11 - 2023-10-23 14:11 - 000000000 ____D C:\ProgramData\ESET
2023-10-23 14:04 - 2023-10-23 14:04 - 008971384 _____ (ESET) C:\Users\Azareth\Downloads\eset_nod32_antivirus_live_installer.exe
2023-10-22 19:55 - 2023-10-22 19:55 - 000000000 ____D C:\Users\Azareth\FB-VwSFT
2023-10-21 20:39 - 2023-10-21 20:42 - 000008562 _____ C:\Users\Azareth\Desktop\Fixlog.txt
2023-10-21 20:32 - 2023-10-21 20:32 - 000003018 _____ C:\Users\Azareth\Desktop\fixlist.txt
2023-10-21 18:20 - 2023-10-21 18:21 - 002383360 _____ (Farbar) C:\Users\Azareth\Desktop\FRST64 (1).exe
2023-10-20 20:58 - 2023-10-20 21:02 - 000000000 ____D C:\AdwCleaner
2023-10-20 20:58 - 2023-10-20 20:58 - 008791352 _____ (Malwarebytes) C:\Users\Azareth\Downloads\adwcleaner.exe
2023-10-20 13:32 - 2023-10-21 18:27 - 000068057 _____ C:\Users\Azareth\Downloads\Addition.txt
2023-10-20 13:31 - 2023-10-21 18:27 - 000045917 _____ C:\Users\Azareth\Downloads\FRST.txt
2023-10-17 14:47 - 2023-10-27 19:20 - 000000000 ____D C:\FRST
2023-10-17 14:47 - 2023-10-17 14:47 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64.exe
2023-10-15 20:21 - 2023-10-15 20:30 - 3184589596 _____ C:\Users\Azareth\Downloads\Nepotvrzeno 19152.crdownload
2023-10-14 09:08 - 2023-10-14 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-14 09:05 - 2023-10-14 09:06 - 044112056 _____ (The Git Development Community ) C:\Users\Azareth\Downloads\Git-2.19.2-64-bit.exe
2023-10-12 16:17 - 2023-10-12 16:32 - 012187975 _____ C:\Users\Azareth\Downloads\aircrack-ng-1.7-win.zip
2023-10-12 12:40 - 2023-10-12 12:41 - 001498192 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT (1).pdf
2023-10-10 12:46 - 2023-10-10 12:46 - 000002263 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2023-10-10 12:46 - 2023-10-10 12:46 - 000002255 _____ C:\Users\Azareth\Desktop\Microsoft Teams classic.lnk
2023-10-10 12:36 - 2023-10-10 13:58 - 001497536 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT.pdf
2023-10-10 12:15 - 2023-10-10 12:15 - 009010962 _____ C:\Users\Azareth\Downloads\Predpisy NAKIT.zip
2023-10-06 14:53 - 2023-10-06 14:53 - 009841291 _____ C:\Users\Azareth\Downloads\Smlouva CAIS_A.pdf
2023-10-05 23:08 - 2023-10-05 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Local\WinSparkle
2023-10-05 12:22 - 2023-10-05 12:22 - 000195320 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000014042641903.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000195311 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013719355344.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000194985 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013390863630.pdf
2023-10-05 11:32 - 2023-10-05 11:32 - 000497973 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (2).pdf
2023-10-04 17:44 - 2023-10-04 17:44 - 000522792 _____ C:\Windows\Minidump\100423-12901-01.dmp
2023-10-02 14:14 - 2023-10-02 14:14 - 000211175 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013615339957.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000211022 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013941301191.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000000162 ____H C:\Users\Azareth\Downloads\~$5108000000002188222113_2000013615339957.pdf
2023-10-02 14:13 - 2023-10-02 14:13 - 000210973 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013298338381.pdf
2023-09-29 17:25 - 2023-10-15 21:38 - 000003416 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-10-15 21:38 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-09-29 17:25 - 000000000 ____D C:\Users\Azareth\AppData\Local\OneDrive
2023-09-27 20:19 - 2023-09-27 20:19 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (5).pdf
2023-09-27 15:13 - 2023-09-27 15:13 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (4).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-27 19:06 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-27 19:06 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-27 19:04 - 2020-04-27 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-27 19:03 - 2020-10-06 21:17 - 000000000 ____D C:\Users\Azareth\.VirtualBox
2023-10-27 18:56 - 2020-04-27 15:25 - 000000000 ____D C:\Users\Azareth
2023-10-27 18:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-10-27 18:09 - 2020-09-23 12:22 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Teams
2023-10-27 17:56 - 2021-06-20 20:41 - 000003538 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-27 17:56 - 2021-06-20 20:41 - 000003410 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-27 17:56 - 2020-04-27 16:09 - 000668850 _____ C:\Windows\system32\perfh005.dat
2023-10-27 17:56 - 2020-04-27 16:09 - 000141464 _____ C:\Windows\system32\perfc005.dat
2023-10-27 17:56 - 2009-07-14 07:13 - 001583374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-27 17:55 - 2023-06-30 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-27 17:55 - 2020-04-27 19:17 - 000000000 ____D C:\Users\Azareth\AppData\Local\CrashDumps
2023-10-27 17:54 - 2023-09-02 10:45 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\uTorrent Web
2023-10-27 17:54 - 2021-08-19 17:11 - 000000000 ____D C:\Users\Azareth\AppData\Local\BitTorrentHelper
2023-10-27 17:54 - 2020-04-28 17:53 - 000000000 ____D C:\Program Files\CCleaner
2023-10-27 17:54 - 2020-04-27 15:26 - 001454075 _____ C:\Windows\system32\fastboot.set
2023-10-27 17:50 - 2020-10-05 20:56 - 000000000 ___HD C:\ProgramData\ActiveSMART
2023-10-27 17:50 - 2020-04-27 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-27 17:50 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-27 17:50 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-23 17:40 - 2022-10-20 17:40 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-23 14:19 - 2021-05-23 11:45 - 000000000 ____D C:\Users\Azareth\AppData\Local\Avast Software
2023-10-23 14:19 - 2020-04-27 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-22 12:10 - 2020-04-27 15:25 - 000000000 ___SD C:\Users\Azareth\AppData\Roaming\Microsoft\Protect
2023-10-21 20:41 - 2021-09-16 08:09 - 000000000 ____D C:\Users\Azareth\AppData\LocalLow\Temp
2023-10-21 20:41 - 2020-04-27 19:05 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-10-21 20:41 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2023-10-21 20:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2023-10-21 20:33 - 2020-10-26 19:34 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Code
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Local\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-10-20 20:30 - 2020-08-14 16:46 - 000000000 ____D C:\Users\Public\BBCPie - Chloe Temple - Creamed Skater Girl
2023-10-19 12:17 - 2022-11-02 13:36 - 000003360 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-19 12:17 - 2020-04-28 17:53 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-17 19:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2023-10-17 13:37 - 2020-04-30 17:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:36 - 2022-10-31 14:49 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-10-15 21:38 - 2023-09-23 19:52 - 000003100 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-10-15 21:38 - 2023-07-01 16:44 - 000003694 _____ C:\Windows\system32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-10-15 21:38 - 2022-07-23 11:04 - 000003856 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-15 21:38 - 2021-08-19 17:06 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Azareth
2023-10-15 21:38 - 2020-04-28 17:54 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-10-15 21:38 - 2020-04-28 17:53 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-28 17:53 - 000003310 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-10-14 09:08 - 2020-10-06 21:37 - 000000000 ____D C:\Program Files\Git
2023-10-14 09:08 - 2020-10-06 21:14 - 000000000 ____D C:\ProgramData\Git
2023-10-12 02:57 - 2020-04-30 08:00 - 000000000 ____D C:\Windows\system32\MRT
2023-10-12 02:52 - 2020-04-30 08:00 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 13:53 - 2020-04-28 11:51 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Word
2023-10-04 17:44 - 2023-07-07 22:55 - 723126580 _____ C:\Windows\MEMORY.DMP
2023-10-04 17:44 - 2020-07-05 09:28 - 000000000 ____D C:\Windows\Minidump
2023-10-02 23:08 - 2023-09-23 19:53 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Wireshark
2023-10-02 14:16 - 2020-05-07 08:28 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-29 17:25 - 2020-04-28 09:45 - 000002126 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

==================== Files in the root of some directories ========

2020-07-26 16:04 - 2020-07-26 18:45 - 000000128 _____ () C:\Users\Azareth\AppData\Roaming\winscp.rnd
2020-04-28 08:07 - 2020-04-28 08:07 - 000001500 _____ () C:\Users\Azareth\AppData\Local\PDLSetup.20200428.080709.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-10-20 00:00
==================== End of FRST.txt ========================



And here is the next one
________________


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Azareth (27-10-2023 19:23:13)
Running from C:\Users\Azareth\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2020-04-27 13:25:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1201691987-3798675826-3542024472-500 - Administrator - Disabled)
Azareth (S-1-5-21-1201691987-3798675826-3542024472-1000 - Administrator - Enabled) => C:\Users\Azareth
Guest (S-1-5-21-1201691987-3798675826-3542024472-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AS: ESET Security (Enabled - Up to date) {64EA0B2F-B2F3-2E04-491D-9CF1192F8FAB}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
ActiveSMART (HKLM-x32\...\ActiveSMART) (Version: 2.12.0 - Ariolic Software, Ltd.)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.006.20360 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AdoptOpenJDK JDK with Hotspot 15.0.0.36 (x64) (HKLM\...\{6FD8794F-74A7-4D10-95C0-0908CFDD571B}) (Version: 15.0.0.36 - AdoptOpenJDK)
Apache NetBeans IDE 12.1 (HKLM\...\nbi-nb-all-12.1.0.0.200825) (Version: 12.1 - Apache NetBeans)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\btweb) (Version: 1.3.0 - Rainberry, Inc.)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.0.1062 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\BlueStacks X) (Version: 0.17.1.1 - BlueStack Systems, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{F2205345-FA8D-474F-A2D9-FB31DB9663DF}) (Version: 12.32.01 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 109.0.19987.122 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Total Pack (HKLM-x32\...\DivX Total Pack) (Version: - )
Docker Toolbox version 19.03.1 (HKLM\...\{FC4417F0-D7F3-48DB-BCE1-F5ED5BAFFD91}_is1) (Version: 19.03.1 - Docker)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Premium Line Encryption (HKLM\...\{764DBB66-954B-498B-A8F0-5674FF309BAC}) (Version: 2.0.0.29 - ESET) Hidden
ESET Security (HKLM\...\{CE7B3B12-4E4F-4ADF-B267-2703AD3AF581}) (Version: 16.0.26.0 - ESET, spol. s r.o.)
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
Git version 2.19.2 (HKLM\...\Git_is1) (Version: 2.19.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\GitHubDesktop) (Version: 2.7.1 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
ChatGPT (HKLM\...\{DB96D069-D23D-4B36-BC7C-949F4D9B06E7}) (Version: 1.1.0 - lencx)
inSSIDer (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\inSSIDer) (Version: 5.5.0 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.2.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.2.2) (Version: 212.5284.40 - JetBrains s.r.o.)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kubernetes - Minikube - A Local Kubernetes Development Environment (HKLM-x32\...\Kubernetes Minikube) (Version: 1.31.2 - Kubernetes)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Office Standard 2016 - cs-cz (HKLM\...\StandardRetail - cs-cz) (Version: 16.0.12527.22286 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{c60894d7-4f03-4ab0-9087-8f08eaa7e605}) (Version: 2.86.902.0 - Microsoft Corporation) Hidden
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{faca4f6e-ba68-429d-80e5-6699b9fa8601}) (Version: 2.86.902.0 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Teams) (Version: 1.6.00.27573 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.70.3 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.76 - Nmap Project)
NVIDIA 3D Vision Controller Driver (HKLM-x32\...\NVIDIA StereoUSB Driver) (Version: 266.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.53.154 (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeForceNOW) (Version: 2.0.53.154 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 6.1.14 (HKLM\...\{1B1CFE9F-D421-4193-ACB8-FDE4D565C715}) (Version: 6.1.14 - Oracle Corporation)
Pilulka (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\7956b9e08e731279722fe8fef4672f96) (Version: 1.0 - Google\Chrome)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Python 3.8.6 (64-bit) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{fef707d7-d438-4dd9-bb0f-5788ee658f4f}) (Version: 3.8.6150.0 - Python Software Foundation)
Python 3.8.6 Add to Path (64-bit) (HKLM\...\{0CD35A78-6567-46C1-BC82-E258D6C3D66C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Core Interpreter (64-bit) (HKLM\...\{DE282FFC-F4AD-416A-8479-F3C72F94C967}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM\...\{59704C10-77A1-4D72-A97B-8FB2A933985B}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM\...\{558E2EFE-87D5-4E3F-B050-D4DEC548EA02}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM\...\{7F55BD37-4437-47EE-8C82-3103E19DB114}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM\...\{28B1EC39-1C9F-482C-BFF7-4D347CE5ADED}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM\...\{04BA74DE-13BE-477C-8FE5-19F247C0D555}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM\...\{79C40B8F-BC99-4FFF-8E1E-F05D246E772C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM\...\{3968C4C7-904D-4571-BC22-1CD8B87549D7}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM\...\{0A041F8F-4124-46CC-B021-AB8E70A873EC}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B82A91D-DB48-4160-94D2-0B8C6D2B1710}) (Version: 3.8.7205.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarLeaf (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\StarLeaf) (Version: - StarLeaf)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
uTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WinSCP 5.17.7 (HKLM-x32\...\winscp3_is1) (Version: 5.17.7 - Martin Prikryl)
Wondershare Filmora 12(Build 12.3.7.2586) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM\...\xampp) (Version: 7.4.11-0 - Bitnami)
Zoom (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23241.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2022-08-24] (DESlock Limited -> DESlock Limited)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-12-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1201691987-3798675826-3542024472-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Hacked With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Azareth\Desktop\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\Desktop\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn

==================== Loaded Modules (Whitelisted) =============

2023-08-17 15:17 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-08-17 15:17 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-07-26 17:15 - 2014-11-02 18:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000114176 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_ctypes.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000172544 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_elementtree.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 002255872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_hashlib.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000032256 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_multiprocessing.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000046080 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_psutil_windows.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000047616 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_socket.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 002825216 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_ssl.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000026112 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\_yappi.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000080896 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\bz2.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000015872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\common.time34.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000007680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\hashobjs_ext.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000301568 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\PIL._imaging.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000168448 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\pyexpat.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 001084416 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\pysqlite2._sqlite.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000548864 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\pythoncom27.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000137728 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\pywintypes27.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000010752 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\select.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000020992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\thumbnails_ext.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000689664 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\unicodedata.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000119808 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\usb_ext.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000128512 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32api.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000438784 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32com.shell.shell.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000011776 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32crypt.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000023040 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32event.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000149504 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32file.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000223232 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32gui.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000048128 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32inet.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000029696 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32pdh.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000027648 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32pipe.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000044032 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32process.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000020480 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32profile.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000136192 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32security.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000026624 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\win32ts.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000034304 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\windows.conditional.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000037888 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\windows.connectivity.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000071680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\windows.device_monitor.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000103936 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\windows.volumes.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000019968 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\windows.winwrap.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 001325056 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._controls_.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 001489408 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._core_.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 001007104 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._gdi_.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000103424 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._html2.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 000916992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._misc_.pyd
2023-10-27 17:54 - 2023-10-27 17:54 - 001039872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wx._windows_.pyd
2023-08-06 23:51 - 2023-08-06 23:51 - 001490944 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avcodec-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000949248 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avformat-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000635392 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avutil-56.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000153088 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\swresample-3.dll
2020-05-07 08:33 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2022-01-27 12:15 - 2015-06-17 17:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-01-27 12:15 - 2015-06-17 17:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-05-07 08:33 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2023-10-27 18:14 - 2023-10-27 18:14 - 000254464 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\Azareth\AppData\Local\JetBrains\IdeaIC2021.2\tmp\jna4264289066889282508.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\python27.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libcrypto-1_1.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libssl-1_1.dll
2023-08-17 15:17 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxbase30u_net_vc90_x64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxbase30u_vc90_x64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxmsw30u_adv_vc90_x64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxmsw30u_core_vc90_x64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxmsw30u_html_vc90_x64.dll
2023-10-27 17:54 - 2023-10-27 17:54 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI45642\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\AdoptOpenJDK\jdk-15.0.0.36-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Git\cmd
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3D0169D-E423-43B2-A9F1-82D90F808499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{268EA943-A9F5-4B03-BC00-58EE35917216}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4463F500-2E0E-4F6F-8317-41CF5057EB01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEB87C4F-A862-4427-BD38-98C097439763}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{40B8E80C-C3FE-43BA-8A78-E56D8390219D}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{64E36E68-B8EE-40AA-9C6C-123EADC1BBC5}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DEA8167A-1DD6-4FC4-B907-31D1B99F3F0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29FE9DDE-2341-4A34-8D18-1770CD73DC70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E69DB11A-1521-488C-A187-1B3F8E6B3C25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66EC055D-F17B-4856-8DA8-AD5C3D757A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BE4A71F-AD12-4F0C-BD72-74758AD786D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9BF44AF-E01A-42B5-92FA-EFC16537B726}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B069DFCE-538A-4B1E-A017-4A553267608F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E3F6726-D520-408B-9250-22675EAB349A}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E60BE4A2-1AAE-46FC-81A2-E36E43A8835E}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F2D8D5DB-01E4-40D3-B147-87AC027934FC}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{8BCC844E-D4D4-4748-AEE0-7DBFB89AC5F9}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{E84DCF75-7CEC-455D-88A4-83108691E79F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{047E92EF-36A3-4441-B0F9-1A06FD0C5A9C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{06C84385-989D-4978-B3E2-D70937FF0E5D}] => (Allow) LPort=80
FirewallRules: [{7253B2E0-BDED-4CBF-AC8B-26085B50EFC4}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{686E685E-6D13-4B46-A210-CE0F2303876F}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{5315001D-1954-4B22-9BA6-285801726CCE}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E323FD69-B750-4D16-BA26-5B79559194C2}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55B5EFDC-96FC-46E2-B2A0-183A8BA12BFE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AB48081-31EB-4932-9AF1-CB654AA10E54}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2D306FA-F535-49A2-B4FE-01D77D0764CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F2F0CAFB-F961-423C-B600-B30790B57C30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{8F4A44DA-32E8-4D56-B293-618094546E94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0EFD3AC2-E653-4DD7-A984-97C670C66D98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7F7706E0-7590-47DC-9E6E-0A825F6EA77E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12850751-BA5C-42A2-9788-4AAA6ED97C8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0513F4D-4AFA-437E-9637-0559A706D8C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8CD2F793-F1DA-4C7C-8FB9-C707F2DD68A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A504E568-F569-40C2-B523-9E1C09520060}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{77C1F7EF-8F66-4AA3-8DD9-CE80E5649313}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{233F3575-972F-4593-95FC-1E8D110CA082}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7F01701-40F2-44E4-91FF-77F2E2B82866}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A4214290-C2BE-4605-84F6-1F0E7C06FC14}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C573431D-6297-4F10-B463-D4F0B5C2DE2C}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7FF8DEC8-397B-43C5-8DD7-63C5D0E7EFC6}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07EAE3FA-5D2B-4831-B0F1-5C5B9F8D240E}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{1BC5E4DC-689F-40EC-9C25-A32A7689C132}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{489A8295-0D52-4BF4-A054-A50E523A7C48}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{3355ECED-70C8-42EE-8215-BF7719056904}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{687AE984-3D1B-4D23-BE0D-344FD74BF811}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [TCP Query User{0D1B9709-71ED-4A82-AFF0-EBC6AF4D8B1A}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{B8821249-2A57-4F8B-8881-0CF245F0AE01}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF5D316F-A085-4A2B-AAAA-0A9E42486166}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{FBE1976B-05A5-4F39-95EE-D6F99F386EE1}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9456E5CE-8F7F-42B8-8A26-6793EB108529}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [UDP Query User{28270238-FA7E-484E-9110-3083CC87C683}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [{A7723DCC-7340-40D3-BA86-A2CB3710DD42}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-10-2023 17:54:54 Windows Update
27-10-2023 18:53:19 Installed Oracle VM VirtualBox 6.1.14

==================== Faulty Device Manager Devices ============

Name: VirtualBox Bridged Networking Driver Miniport #7
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/27/2023 06:52:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: Azareth-PC)
Description: Product: Oracle VM VirtualBox 7.0.12 -- Oracle VM VirtualBox 7.0.12 needs the Microsoft Visual C++ 2019 Redistributable Package being installed first. Please install and restart the installation of Oracle VM VirtualBox 7.0.12.

Error: (10/27/2023 05:55:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CNQMUPDT.EXE, verze: 2.8.5.0, časové razítko: 0x595c7036
Název chybujícího modulu: CNMDWLD.DLL, verze: 1.0.0.0, časové razítko: 0x4f5eedc8
Kód výjimky: 0xc0000005
Posun chyby: 0x000023c6
ID chybujícího procesu: 0x1f30
Čas spuštění chybující aplikace: 0x01da08edf07693ce
Cesta k chybující aplikaci: C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
Cesta k chybujícímu modulu: C:\Program Files (x86)\Canon\Quick Menu\CNMDWLD.DLL
ID zprávy: 3598784c-74e1-11ee-a58e-60d819eb4346

Error: (10/27/2023 05:54:28 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/25/2023 02:54:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/25/2023 11:45:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2023 06:48:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2023 12:31:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/24/2023 07:30:28 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (10/27/2023 07:26:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/27/2023 06:55:07 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Ovladač zjistil interní chybu ovladače na \Device\VBoxNetLwf.

Error: (10/27/2023 05:54:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (10/27/2023 05:54:36 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/27/2023 05:54:36 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/27/2023 05:51:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/25/2023 02:54:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/25/2023 02:54:22 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.


==================== Memory info ===========================

BIOS: LENOVO 47CN30WW(V2.08) 08/01/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 82%
Total physical RAM: 8135.86 MB
Available physical RAM: 1393.71 MB
Total Virtual: 16494.61 MB
Available Virtual: 2258.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:38.89 GB) (Model: KINGSTON SA400S37240G ATA Device) NTFS
Drive d: () (Fixed) (Total:29.82 GB) (Free:3.06 GB) (Model: SAMSUNG MMCRE32GEDXP-MVBL1 ATA Device) NTFS

\\?\Volume{0c0fbdce-888a-11ea-afec-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E1E2FABC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 6A205247)
No partition Table on disk 1.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#2 Post by Rudy »

Hello!
May I ask why you are posting the same post here twice? Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U3 a59624zp; C:\Windows\System32\Drivers\a59624zp.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
C:\Users\Azareth\AppData\Local\Temp
FirewallRules: [{C2D306FA-F535-49A2-B4FE-01D77D0764CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F2F0CAFB-F961-423C-B600-B30790B57C30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Re: Please check my log.

#3 Post by azareth »

Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Re: Please check my log.

#4 Post by azareth »

I'm more concerned about this. Is there some way to restore the registry to its original values, including the permissions? In bulk?

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log.

#5 Post by Rudy »

OK. I don't know what this is about. If you start a thread in which you don't want your computer cleaned, you have to say so in advance. It is clearly written there:
Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
I checked your log for you, and unfortunately I cannot guess that you want something else from us. You also did not answer my question about why you are posting the same request twice.