PUP.CrossRider

[Giraffe]

Ahoj,
potřeboval bych pomoct zbavit se tohodle šmejda. AdwCleaner ho sice smaže, ale než řeknu "borůvkový koláč" tak je zpátky, šmejd jeden.

Snímek obrazovky 2.png (41.99 KiB) Zobrazeno 4204 x

[JaRon]

Ahoj,
vloz oba logy frst

[Giraffe]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2025
Ran by FantoGir (administrator) on DESKTOP-51AH7CS (04-03-2025 18:40:18)
Running from C:\Users\FantoGir\Desktop\FRST64.exe
Loaded Profiles: FantoGir
Platform: Microsoft Windows 11 Pro Version 24H2 26100.3194 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe <7>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\FantoGir\Desktop\adwcleaner_8.4.2.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAM.exe
(Riot Games, Inc. -> Riot Games, Inc.) C:\Users\FantoGir\Desktop\Games\Riot Games\Riot Client\RiotClientServices.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\afwServ.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (Industrial Contracting, LLC -> EternalCast) C:\Program Files (x86)\EternalCast\EternalCast.exe <2>
(services.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4133064 2025-02-28] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [464712 2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [7811960 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [822984 2025-03-03] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007376 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\FantoGir\AppData\Local\Microsoft\Teams\Update.exe [2588640 2023-11-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1848064 2025-02-17] (Overwolf Ltd -> Overwolf Ltd.)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [RiotClient] => C:\Users\FantoGir\Desktop\Games\Riot Games\Riot Client\RiotClientServices.exe [74678168 2025-03-03] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-11-24] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-11] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45452080 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {a6e75939-8a3c-11ee-ac14-833ebfd4365b} - "E:\autorun.exe"
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {bc6ab1be-8c4f-11ee-ac14-833ebfd4365b} - "F:\autorun.exe"
HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\Windows\system32\pxcpm.dll [2147584 2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\133.0.6943.142\Installer\chrmstp.exe [2025-02-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4CF41FE0-5123-4358-BCF6-1DB7A82FE277} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {8450D0AD-AB63-4AD4-9BF4-62477238FA04} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5251400 2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {E206EF2E-2CE2-4075-8755-AA20B61D324D} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [8425288 2024-12-16] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {D20EC4DD-90F8-4F7E-BF2B-3AD8C9893059} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2385856 2024-09-07] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {D279D96E-D84F-49D6-BAB9-4E2AC815CB99} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {23F7413A-4F4C-4721-9100-92DD4EE6B6C0} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "e896ffba-04f0-4a56-96ac-2ab85917ced8" --version "6.33.0.11465" --silent
Task: {5C1BFEE7-E787-4BD6-95FB-F5DAFD091DA6} - System32\Tasks\CCleanerSkipUAC - FantoGir => C:\Program Files\CCleaner\CCleaner.exe [39224624 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {AE27965A-085C-4115-9FF5-5095340C2CE5} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{18E5B805-082F-400E-B192-8F5621632C75} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC)
Task: {8A60857F-155A-41EF-AD81-962C9971440F} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9A42398-A1AD-4821-978C-F7E4B2F63C7E} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {9056B4E2-1E5F-442E-A3B8-43263BE18E69} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BBA978F-6930-4489-82E2-1F81D9320A9F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28752616 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B5AF651-995F-4D23-98E8-D32A77DD01C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {53FEF17F-94D7-4909-8EE2-E8AABA75D8FB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312440 2025-02-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8800771-B39B-4AD4-9F07-F936EB5DD947} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [194672 2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {27CE9D59-9D48-4D29-99BC-64657AEBA494} - System32\Tasks\Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask => {8702A841-D5CA-47C3-812D-9CEDC304C200}
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {888EEFBE-986B-4881-A264-AAD8D912ADEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2025-02-15] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C52BBA8D-8163-402A-8B51-45EA44B99C62} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2025-02-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {8F3CD9B5-73E5-4951-A269-F288B3128B26} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0053171-ABC8-45C0-9464-D9812FF7601E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1493484511-2504686390-3813843252-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222504 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C11B74A9-4C58-4221-8F02-1CB4224789C3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1493484511-2504686390-3813843252-1001 => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveLauncher.exe [669200 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {31F69A03-095F-4A0C-B895-7DBF8DAA9EF0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-02-17] (Overwolf Ltd -> Overwolf LTD) -> C:\Program Files (x86)\Overwolf\/RunningFrom Schedule

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6da51b46-867d-4818-9b69-012fdcfac055}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\FantoGir\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-03]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\FantoGir\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-31]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\FantoGir\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (League of Legends Thresh Wallpaper HomePage) - C:\Users\FantoGir\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nefjihifpdnbmodhhndgjcknjhnjpbgh [2024-06-10]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: 1kkwdjge.default
FF ProfilePath: C:\Users\FantoGir\AppData\Roaming\Mozilla\Firefox\Profiles\1kkwdjge.default [2024-09-07]
FF ProfilePath: C:\Users\FantoGir\AppData\Roaming\Mozilla\Firefox\Profiles\5mu6o2tq.default-release [2025-03-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-02-21] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1493484511-2504686390-3813843252-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1493484511-2504686390-3813843252-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1493484511-2504686390-3813843252-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Default [2024-10-08]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultNewTabURL: Default -> hxxps://search.seznam.cz/newtab
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-24]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-03-04]
CHR HomePage: Profile 1 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://empire.goodgamestudios.com/?country=CZ","hxxp://s18.sfgame.cz/?cid=sfczCSgoaw00001","hxxp://s26.sfgame.cz/","hxxp://tv.seznam.cz/radkovy-program","hxxp://grooveshark.com/#!/raoon/broadcast","hxxp://www.ulozto.cz/xJJYHrxC/deep-dance-95-5- ... oogle.com/"
CHR DefaultSearchURL: Profile 1 -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> seznam.cz
CHR DefaultNewTabURL: Profile 1 -> hxxps://search.seznam.cz/?sourceid=chromechoice
CHR DefaultSuggestURL: Profile 1 -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (League Of Legends Theme HD) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpcopjjgbjjimlikahlijmbanemhilkf [2023-11-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Gladiatus Crazy Add On) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dfbmiedjenagoegiiabjfjpkhfocifkp [2024-09-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (McAfee® WebAdvisor) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-02-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-02-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-24]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\FantoGir\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2003-02-20] (Microsoft Corporation) [File not signed]
S2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [524568 2025-02-28] (ASUSTeK Computer Inc. -> )
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [815432 2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [2446152 2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1266504 2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [7405896 2025-02-12] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-09-07] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-02-18] (Gen Digital Inc. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13617384 2025-02-08] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-11-24] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 EternalCast; C:\Program Files (x86)\EternalCast\EternalCast.exe [5899088 2025-02-27] (Industrial Contracting, LLC -> EternalCast)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncHelper.exe [3532816 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [4920184 2024-03-25] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9483456 2025-02-15] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-15] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\Display.NvContainer\NVDisplay.Container.exe [1275000 2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.020.0202.0001\OneDriveUpdaterService.exe [3879952 2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Common Files\Overwolf\OverwolfUpdater.exe [2397440 2025-02-17] (Overwolf Ltd -> Overwolf LTD)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [43241544 2025-02-28] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2018-07-20] (ASUSTeK Computer Inc. -> )
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20560 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [235088 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [383056 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [296016 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84560 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [28280 2024-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28728 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [275024 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [550992 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [98360 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69712 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [955960 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [1424952 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [204344 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [381488 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-11-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2024-03-25] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-02-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [29425264 2025-02-28] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22080 2024-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [602504 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-08] (Microsoft Windows -> Microsoft Corporation)
R0 WinSetupMon; C:\WINDOWS\System32\DRIVERS\WinSetupMon.sys [169408 2025-02-07] (Microsoft Windows -> Microsoft Corporation)
U3 AVG Business Console Client Antivirus Service; no ImagePath
U3 avgBcc; no ImagePath
U3 avgbdisk; no ImagePath
S4 GSDriver; \SystemRoot\System32\drivers\GSDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-04 18:03 - 2025-03-04 18:03 - 001790024 _____ (Malwarebytes) C:\Users\FantoGir\Desktop\JRT.exe
2025-03-04 17:52 - 2025-03-04 17:59 - 000000000 ____D C:\ProgramData\HitmanPro
2025-03-04 17:31 - 2025-03-04 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Malware
2025-03-04 17:31 - 2025-03-04 17:31 - 000000000 ____D C:\ProgramData\GridinSoft
2025-03-04 17:30 - 2025-03-04 17:45 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2025-03-04 17:30 - 2025-03-04 17:30 - 002335464 _____ (Gridinsoft LLC) C:\Users\FantoGir\Desktop\setup-gridinsoft-fix.exe
2025-03-03 17:53 - 2025-03-03 17:54 - 000000000 ____D C:\AdwCleaner
2025-03-03 17:53 - 2025-03-03 17:53 - 008790880 _____ (Malwarebytes) C:\Users\FantoGir\Desktop\adwcleaner_8.4.2.exe
2025-03-03 17:42 - 2025-03-04 15:09 - 000000000 ____D C:\Program Files\CCleaner
2025-03-03 17:42 - 2025-03-04 15:08 - 000003386 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-03-03 17:42 - 2025-03-04 15:08 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-03-03 17:42 - 2025-03-04 15:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-03-03 17:42 - 2025-03-03 17:42 - 000002916 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - FantoGir
2025-03-03 17:42 - 2025-03-03 17:42 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2025-03-03 17:42 - 2025-03-03 17:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2025-03-03 17:11 - 2025-03-04 18:40 - 000032118 _____ C:\Users\FantoGir\Desktop\FRST.txt
2025-03-03 17:10 - 2025-03-04 18:40 - 000000000 ____D C:\FRST
2025-03-03 17:10 - 2025-03-03 17:10 - 002404352 _____ (Farbar) C:\Users\FantoGir\Desktop\FRST64.exe
2025-02-28 22:48 - 2025-02-28 22:48 - 000740644 _____ C:\WINDOWS\system32\perfh005.dat
2025-02-28 22:48 - 2025-02-28 22:48 - 000168270 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-27 13:48 - 2025-02-27 13:48 - 000000731 _____ C:\Users\Public\Desktop\Play Warlords Battlecry III.lnk
2025-02-27 13:47 - 2025-02-27 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enlight
2025-02-27 13:45 - 2025-02-27 13:50 - 756918762 _____ C:\Users\FantoGir\Desktop\Warlords Battlecry II (USA).zip
2025-02-27 13:42 - 2025-02-27 13:45 - 708827136 _____ C:\Users\FantoGir\Desktop\Warlords Battecry III.iso
2025-02-27 13:40 - 2025-03-04 17:45 - 000000000 ____D C:\ProgramData\EternalCast
2025-02-27 13:40 - 2025-02-27 13:40 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\EternalCast
2025-02-27 13:39 - 2025-02-27 13:39 - 000000000 ____D C:\Program Files (x86)\EternalCast
2025-02-27 08:38 - 2025-02-27 08:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-02-27 08:35 - 2025-03-04 15:13 - 000004218 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{33E41CC3-985A-4477-9F29-4A87FB0A7CAB}
2025-02-27 08:35 - 2025-03-03 19:26 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1493484511-2504686390-3813843252-1001
2025-02-27 08:35 - 2025-03-03 19:26 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1493484511-2504686390-3813843252-1001
2025-02-27 08:35 - 2025-03-03 19:26 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-02-27 08:35 - 2025-02-28 22:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-27 08:35 - 2025-02-28 22:38 - 000003568 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-02-27 08:35 - 2025-02-28 22:38 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-27 08:35 - 2025-02-28 22:38 - 000003344 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-02-27 08:35 - 2025-02-28 22:38 - 000003270 _____ C:\WINDOWS\system32\Tasks\Overwolf Updater Task
2025-02-27 08:35 - 2025-02-28 22:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2025-02-27 08:35 - 2025-02-27 08:35 - 000000020 ___SH C:\Users\FantoGir\ntuser.ini
2025-02-27 08:35 - 2025-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-02-27 08:35 - 2025-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-02-27 08:35 - 2025-02-27 08:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2025-02-27 08:33 - 2025-02-27 08:33 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\SystemCertificates
2025-02-27 08:33 - 2025-02-27 08:33 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Network
2025-02-27 08:33 - 2025-02-27 08:33 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Crypto
2025-02-27 08:33 - 2025-02-27 08:33 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Network
2025-02-27 08:32 - 2025-02-28 22:41 - 000000438 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-02-27 08:30 - 2025-03-03 17:19 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Spelling
2025-02-27 08:30 - 2025-02-28 22:41 - 000000000 ____D C:\Users\FantoGir
2025-02-27 08:30 - 2025-02-27 08:36 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Šablony
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Soubory cookie
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Poslední
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Okolní tiskárny
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Okolní síť
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Nabídka Start
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Dokumenty
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Documents\Obrázky
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Documents\Hudba
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Documents\Filmy
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\Data aplikací
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 _SHDL C:\Users\FantoGir\AppData\Local\Data aplikací
2025-02-27 08:30 - 2025-02-27 08:30 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\CLR Security Config
2025-02-27 08:29 - 2025-02-28 22:48 - 001794638 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-27 08:28 - 2025-03-04 17:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-27 08:28 - 2025-02-27 08:35 - 000000000 ____D C:\Windows.old
2025-02-27 08:28 - 2025-02-27 08:28 - 000324744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-27 08:26 - 2025-02-27 08:28 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2025-02-27 08:24 - 2025-02-27 08:26 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2025-02-27 08:24 - 2025-02-27 08:24 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2025-02-27 08:21 - 2025-02-27 08:21 - 000027617 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-02-27 08:21 - 2025-02-27 08:21 - 000005264 _____ C:\WINDOWS\system32\ecoscore_config.json
2025-02-27 08:21 - 2025-02-27 08:21 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-02-27 08:20 - 2025-02-27 08:20 - 000027617 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\WINDOWS\addins
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\Program Files\Reference Assemblies
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\Program Files\MSBuild
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2025-02-27 08:17 - 2025-02-27 08:17 - 000000000 ____D C:\Program Files (x86)\MSBuild
2025-02-26 14:53 - 2025-02-26 14:53 - 000000724 _____ C:\Users\Public\Desktop\PrusaSlicer 2.9.0.lnk
2025-02-26 14:53 - 2025-02-26 14:53 - 000000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrusaSlicer 2.9.0.lnk
2025-02-26 14:51 - 2025-02-26 14:51 - 077789928 _____ (Prusa Research s.r.o. ) C:\Users\FantoGir\Desktop\prusa3d_win_2_9_0.exe
2025-02-26 14:33 - 2025-02-27 13:48 - 000000000 ____D C:\Users\FantoGir\Documents\Warlords Battlecry III
2025-02-21 17:33 - 2025-03-03 17:50 - 000000000 ___DC C:\WINDOWS\Panther
2025-02-19 15:24 - 2025-02-19 15:24 - 000133923 _____ C:\Users\FantoGir\Desktop\Skolni_vylet 2025 PRAHA.pdf
2025-02-16 21:54 - 2025-02-16 21:54 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-02-15 19:23 - 2025-03-03 23:46 - 000000000 ____D C:\Users\FantoGir\AppData\LocalLow\IGDump
2025-02-15 19:19 - 2025-03-04 18:34 - 000000000 ____D C:\Users\FantoGir\AppData\Local\Malwarebytes
2025-02-15 19:19 - 2025-02-15 19:19 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-02-15 19:19 - 2025-02-15 19:19 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-02-15 19:18 - 2025-02-15 19:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-02-15 19:18 - 2025-02-15 19:18 - 000000000 ____D C:\Program Files\Malwarebytes
2025-02-15 19:17 - 2025-02-15 19:18 - 002832624 _____ (Malwarebytes) C:\Users\FantoGir\Desktop\MBSetup.exe
2025-02-13 00:21 - 2025-02-27 08:33 - 000002025 _____ C:\Users\Public\Desktop\AVG AntiVirus Free.lnk
2025-02-13 00:04 - 2025-02-13 00:04 - 001634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartWorkflows.dll
2025-02-13 00:04 - 2025-02-13 00:04 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2025-02-13 00:04 - 2025-02-13 00:04 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2025-02-13 00:04 - 2025-02-13 00:04 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wslg.exe
2025-02-13 00:04 - 2025-02-13 00:04 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VirtualMonitorManager.dll
2025-02-13 00:03 - 2025-02-13 00:03 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\authentication.dll
2025-02-13 00:03 - 2025-02-13 00:03 - 000069632 _____ C:\WINDOWS\system32\pospaymentsworker.exe
2025-02-13 00:02 - 2025-02-13 00:02 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PwdlessAggregator.dll
2025-02-13 00:02 - 2025-02-13 00:02 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\IntelligentPwdlessTask.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-04 18:40 - 2023-11-24 17:42 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Excel
2025-03-04 18:40 - 2023-11-24 17:23 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Word
2025-03-04 18:36 - 2023-11-23 20:06 - 000000000 ____D C:\Users\FantoGir\AppData\Local\ConnectedDevicesPlatform
2025-03-04 18:20 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-04 18:04 - 2024-10-14 18:11 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-04 17:53 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-04 17:45 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-04 15:07 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-03 21:57 - 2024-05-01 20:49 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2025-03-03 21:57 - 2023-11-24 17:29 - 000000000 ____D C:\ProgramData\Riot Games
2025-03-03 21:51 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-03 19:26 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-03 19:26 - 2023-11-24 16:36 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-03 19:26 - 2023-11-23 20:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-03 18:06 - 2023-11-23 20:06 - 000000000 ____D C:\Users\FantoGir\AppData\Local\D3DSCache
2025-03-03 17:50 - 2024-09-13 18:29 - 000000000 ____D C:\Users\FantoGir\AppData\Local\LogMeIn Hamachi
2025-03-03 17:50 - 2024-09-13 17:18 - 000000000 ____D C:\Program Files (x86)\Steam
2025-03-03 17:50 - 2023-11-27 08:36 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\XnView
2025-03-03 17:50 - 2023-11-24 20:20 - 000000000 ____D C:\Users\FantoGir\AppData\Local\CrashDumps
2025-03-03 17:50 - 2023-11-24 17:26 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\TS3Client
2025-03-03 17:48 - 2023-11-23 20:53 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-03 17:43 - 2023-11-26 13:17 - 000000000 ____D C:\ProgramData\Piriform
2025-03-02 08:43 - 2021-06-05 12:16 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-01 12:22 - 2024-05-01 20:46 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-03-01 12:21 - 2024-03-06 21:36 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\riot-client-ux
2025-02-28 22:44 - 2023-11-24 17:27 - 000002327 _____ C:\Users\FantoGir\Desktop\TeamSpeak Overlay.lnk
2025-02-28 22:44 - 2023-11-24 17:26 - 000000000 ____D C:\Users\FantoGir\AppData\Local\Overwolf
2025-02-28 22:44 - 2023-11-23 20:42 - 000002327 _____ C:\Users\FantoGir\Desktop\Facecheck.lnk
2025-02-28 22:43 - 2023-11-23 20:08 - 000000000 ___RD C:\Users\FantoGir\OneDrive
2025-02-28 22:41 - 2024-09-30 20:35 - 000000000 __SHD C:\Users\FantoGir\IntelGraphicsProfiles
2025-02-28 22:41 - 2024-09-30 14:50 - 000000000 ____D C:\Intel
2025-02-28 22:41 - 2024-05-07 20:49 - 000000000 ____D C:\Program Files (x86)\ASUS
2025-02-28 22:41 - 2021-06-05 12:16 - 000561256 _____ C:\WINDOWS\system32\wpbbin.exe
2025-02-28 22:41 - 2021-06-05 12:16 - 000524568 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2025-02-28 22:41 - 2021-06-05 12:16 - 000012288 ___SH C:\DumpStack.log.tmp
2025-02-28 21:58 - 2024-09-07 18:20 - 000000000 ____D C:\ProgramData\AVG
2025-02-28 20:04 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-28 20:04 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-28 12:20 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\appcompat
2025-02-27 22:28 - 2023-11-23 20:54 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-27 22:28 - 2023-11-23 20:54 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-02-27 13:47 - 2023-11-24 17:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-02-27 13:44 - 2024-09-07 18:23 - 000000000 ____D C:\Users\FantoGir\AppData\Local\AVG
2025-02-27 13:25 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-02-27 08:53 - 2023-11-23 20:06 - 000000000 ____D C:\Users\FantoGir\AppData\Local\Packages
2025-02-27 08:53 - 2023-11-23 19:52 - 000000000 ____D C:\ProgramData\Packages
2025-02-27 08:52 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-27 08:48 - 2024-05-07 20:49 - 001164200 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\AsusDownloadAgent.exe
2025-02-27 08:48 - 2024-05-07 20:49 - 000366592 _____ C:\WINDOWS\system32\syncas.dll
2025-02-27 08:48 - 2024-05-07 20:49 - 000007387 _____ C:\WINDOWS\Ascd_tmp.ini
2025-02-27 08:48 - 2024-05-07 20:49 - 000000847 _____ C:\WINDOWS\Ascd_ProcessLog.ini
2025-02-27 08:47 - 2023-11-23 19:49 - 000289560 _____ () C:\WINDOWS\system32\AsusDownLoadLicense.exe
2025-02-27 08:36 - 2023-11-23 20:06 - 000002352 _____ C:\Users\FantoGir\Desktop\Microsoft Edge.lnk
2025-02-27 08:36 - 2023-11-23 20:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-02-27 08:35 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-02-27 08:35 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Windows NT
2025-02-27 08:33 - 2024-09-07 18:23 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus Free.lnk
2025-02-27 08:33 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-02-27 08:32 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-27 08:31 - 2024-09-08 10:14 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NFS Most Wanted
2025-02-27 08:31 - 2024-04-21 23:12 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2025-02-27 08:31 - 2023-11-24 17:27 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2025-02-27 08:31 - 2023-11-23 20:53 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-27 08:30 - 2024-08-19 10:49 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood
2025-02-27 08:30 - 2024-04-01 08:26 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2025-02-27 08:29 - 2023-11-24 20:53 - 001750342 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2025-02-27 08:29 - 2023-11-23 19:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2025-02-27 08:28 - 2024-09-13 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2025-02-27 08:28 - 2024-09-13 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-02-27 08:28 - 2024-09-08 10:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Most Wanted
2025-02-27 08:28 - 2024-09-07 16:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2025-02-27 08:28 - 2024-06-06 17:59 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2025-02-27 08:28 - 2024-05-02 17:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2025-02-27 08:28 - 2024-04-21 23:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCAD 0.21
2025-02-27 08:28 - 2024-04-01 08:29 - 000000000 ____D C:\WINDOWS\Setup
2025-02-27 08:28 - 2024-04-01 08:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\spool
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\et-EE
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\es-MX
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Registration
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\IME
2025-02-27 08:28 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-02-27 08:28 - 2023-11-24 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2025-02-27 08:28 - 2023-11-24 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software
2025-02-27 08:28 - 2023-11-24 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
2025-02-27 08:28 - 2023-11-24 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2025-02-27 08:28 - 2023-11-23 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2025-02-27 08:28 - 2023-11-23 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-02-27 08:28 - 2023-11-23 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-02-27 08:28 - 2022-05-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2025-02-27 08:28 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2025-02-27 08:28 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2025-02-27 08:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2025-02-27 08:28 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2025-02-27 08:27 - 2024-04-01 08:26 - 000000000 __RHD C:\Users\Public\Libraries
2025-02-27 08:26 - 2024-09-13 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2025-02-27 08:26 - 2024-08-23 10:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2025-02-27 08:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\schemas
2025-02-27 08:26 - 2023-11-24 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1
2025-02-27 08:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2025-02-27 08:23 - 2024-04-01 17:31 - 000000000 ___SD C:\WINDOWS\system32\AppV
2025-02-27 08:23 - 2024-04-01 17:31 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-27 08:23 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-02-27 08:23 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-02-27 08:23 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-02-27 08:23 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-02-27 08:23 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\WUModels
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-plocm
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\qps-ploc
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\hi-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\te-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-plocm
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\qps-ploc
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\or-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\km-KH
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\is-IS
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\id-ID
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\hi-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Com
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\be-BY
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\as-IN
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\am-ET
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-27 08:23 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-02-27 08:23 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-02-27 08:22 - 2024-04-01 17:31 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2025-02-27 08:22 - 2024-04-01 17:31 - 000028898 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2025-02-27 08:22 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-02-27 08:22 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-02-27 08:21 - 2024-04-01 08:22 - 000063064 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcLpioDMA.dll
2025-02-27 08:21 - 2024-04-01 08:22 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtIntcPseDMA.dll
2025-02-27 08:21 - 2024-04-01 08:22 - 000062944 _____ (Microsoft Corporation) C:\WINDOWS\system32\HalExtPL080.dll
2025-02-27 08:18 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\OCR
2025-02-27 08:17 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2025-02-27 08:17 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\WCN
2025-02-27 08:17 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-02-27 08:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-02-27 08:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\winrm
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\slmgr
2025-02-27 08:16 - 2024-04-01 17:28 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2025-02-26 17:03 - 2024-09-13 16:13 - 134222904 _____ C:\WINDOWS\392667600.dat
2025-02-26 14:53 - 2024-05-02 17:33 - 000000000 ____D C:\Users\FantoGir\AppData\Roaming\PrusaSlicer
2025-02-26 14:53 - 2024-05-02 17:32 - 000000743 _____ C:\Users\Public\Desktop\Prusa G-code Viewer.lnk
2025-02-26 14:53 - 2024-05-02 17:32 - 000000743 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa G-code Viewer.lnk
2025-02-26 14:35 - 2023-11-23 20:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-02-26 14:35 - 2023-11-23 20:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-02-25 11:05 - 2023-11-23 21:07 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-02-22 09:42 - 2023-11-23 20:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-19 15:23 - 2023-11-24 17:27 - 000000000 ____D C:\Program Files (x86)\Overwolf
2025-02-16 21:54 - 2023-11-23 20:46 - 000000000 ____D C:\Program Files\Microsoft Office
2025-02-15 19:20 - 2023-11-23 20:53 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-02-13 21:51 - 2023-11-23 20:13 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-13 18:05 - 2024-09-07 18:20 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-02-13 00:21 - 2024-09-07 18:22 - 000383056 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2025-02-12 16:30 - 2024-11-20 14:55 - 000316232 ____N (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2025-02-12 16:30 - 2024-09-07 18:22 - 001424952 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSP.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000955960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000550992 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000381488 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000296016 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000275024 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000235088 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000098360 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000084560 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000069712 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2025-02-12 16:30 - 2024-09-07 18:22 - 000020560 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArDisk.sys

==================== Files in the root of some directories ========

2023-11-24 20:56 - 2023-11-24 20:56 - 000000096 _____ () C:\Users\FantoGir\AppData\Local\fusioncache.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2025
Ran by FantoGir (04-03-2025 18:42:22)
Running from C:\Users\FantoGir\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.3194 (X64) (2025-02-27 07:35:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1493484511-2504686390-3813843252-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1493484511-2504686390-3813843252-1002 - Limited - Enabled)
DefaultAccount (S-1-5-21-1493484511-2504686390-3813843252-503 - Limited - Disabled)
FantoGir (S-1-5-21-1493484511-2504686390-3813843252-1001 - Administrator - Enabled) => C:\Users\FantoGir
Guest (S-1-5-21-1493484511-2504686390-3813843252-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1493484511-2504686390-3813843252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20421 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_2) (Version: 20.0.2 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.24.13 - Ashampoo GmbH & Co. KG)
Autodesk Fusion (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.18961 - Autodesk, Inc.)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.12.9725.2390 - Gen Digital Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.33 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1990.6 - Piriform Software) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd)
Emperor: Battle For Dune (HKLM-x32\...\Emperor) (Version: - )
EternalCast (HKLM-x32\...\EternalCast) (Version: 1.0.0.6 - Copyright © 2024 Industrial Contracting LLC )
Facecheck (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Overwolf_fiekjlgoffmlmgfmggnoeoljkmfkcapcdmcgcfgm) (Version: 1.8.17 - Overwolf app)
FreeCAD 0.21.2 (HKLM\...\FreeCAD0212) (Version: 0.21.2 - FreeCAD Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hamachi (HKLM-x32\...\{C00E2143-38F2-49BA-AB8A-03F22F02F0A4}) (Version: 2.3.0.111 - LogMeIn, Inc.) Hidden
Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.3.0.111 - LogMeIn, Inc.)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
LEGO Education SPIKE (HKLM\...\{D764E01A-7DC7-409C-B836-1F078AC51869}) (Version: 3.4.5 - The LEGO Group)
Malwarebytes version 5.2.6.163 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.6.163 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.18429.20158 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.18429.20158 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.020.0202.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Teams) (Version: 1.6.00.24078 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.12.25810 (HKLM\...\{2CD849A7-86A1-34A6-B8F9-D72F5B21A9AE}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.12.25810 (HKLM\...\{C99E2ADC-0347-336E-A603-F1992B09D582}) (Version: 14.12.25810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 121.0 (x64 cs)) (Version: 121.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 120.0 - Mozilla)
Need for Speed Most Wanted (black edition) (HKLM-x32\...\Need for Speed Most Wanted (black edition)) (Version: 1.3 - Electronic Arts)
NVIDIA Ovladače grafiky 560.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 560.94 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18429.20158 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.267.1.1 - Overwolf Ltd.)
PDF-XChange PRO (HKLM\...\{7C27AE43-385F-42DC-A8CA-1F1FD397336E}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange PRO (HKLM-x32\...\{5844f5e4-0620-4dc8-97a1-fb18e73fd2a1}) (Version: 8.0.336.0 - Tracker Software Products (Canada) Ltd.)
PrusaSlicer (HKLM\...\PrusaSlicer_is1) (Version: 2.9.0 - Prusa Research s.r.o.)
Riot Client (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.24078 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
TeamSpeak Overlay (HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.2 - Overwolf app)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Warlords Battlecry III (HKLM-x32\...\{93DA8968-092B-4E6F-B568-AB8471952143}) (Version: W4PCA0.8 - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
XnView 2.51.5 (HKLM-x32\...\XnView_is1) (Version: 2.51.5 - Gougelet Pierre-e)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-02-02] ()
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Microsoft Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_4.0.10720.0_x64__yxz26nhyzhsrt [2025-02-28] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-02-13] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2025-02-27] (NVIDIA Corp.)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0 [2025-02-28] (Spotify AB) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.401.2352.0_x64__8wekyb3d8bbwe [2025-02-21] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2023-11-23] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\FantoGir\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23213.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\FantoGir\AppData\Local\Autodesk\webdeploy\production\35a60349b112668a59dd7bbcc68b2622875103f4\NPreview10.dll (Autodesk, Inc. -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-11-24] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-11-24] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-15] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.020.0202.0001\FileSyncShell64.dll [2025-03-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_0afec3f2050014a0\nvshext.dll [2024-09-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2025-02-12] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-15] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\FantoGir\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\FantoGir - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2024-05-15 20:58 - 2024-05-15 20:58 - 000126976 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\UpdatePolicyScenarioReliabilityAggregator.dll
2023-11-23 20:49 - 2023-11-23 20:49 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2023-11-23 20:49 - 2023-11-23 20:49 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk:AAF8908258 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk:DD458B7765 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk:980850BA8A [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:5465085A2F [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook (classic).lnk:BE800952D3 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4306]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [3442]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

SearchScopes: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2020-01-06] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-02-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\sharepoint.com -> hxxps://zsdolnibecva-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\DesktopSpotlight\Assets\Images\image_1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rtcx21x64.sys
Hamachi: LogMeIn Hamachi Virtual Ethernet Adapter -> Hamdrv.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{563D9281-DA97-4EB9-83DD-BB55BF789DE9}] => (Allow) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{B7757E84-BBFE-4EB5-B7A9-6CAC7212B105}] => (Allow) C:\Program Files (x86)\Overwolf\0.267.1.1\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{8DE8C66E-9F9E-4736-B5BC-F4B19D3982FB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8D961FB9-795A-4D37-9A85-DCA4472838D7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E708BFBB-15AF-4E89-B57B-08B16721881E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C748D27-BE6A-4B98-9118-50F33AA6407E}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{08C67A16-8710-47F2-99DD-AB8211ED2CCC}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [UDP Query User{5A5BEB3C-29AF-4DE9-8338-7FECED367518}C:\users\fantogir\desktop\games\titan quest immortal throne\tqit.exe] => (Allow) C:\users\fantogir\desktop\games\titan quest immortal throne\tqit.exe () [File not signed]
FirewallRules: [TCP Query User{24E2A86A-46C6-4053-BB92-13BE5E11FA53}C:\users\fantogir\desktop\games\titan quest immortal throne\tqit.exe] => (Allow) C:\users\fantogir\desktop\games\titan quest immortal throne\tqit.exe () [File not signed]
FirewallRules: [UDP Query User{1210116D-A005-4297-9709-503FA932551F}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{69916DA6-6DF9-4617-9205-EA07D66950A2}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{867B7D51-7DCD-4681-A830-FF8F1876176A}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{A9DFB606-DC30-472C-8A12-E8C14CE1B12F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{80B41F29-E2B5-41BB-B584-9BA24B735E93}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25017.203.3370.1174_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23D3C360-C2DC-4F5D-A6B0-86565BAC2BFC}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25017.203.3370.1174_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A78C010E-5541-4989-A523-249DFB0191DE}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.704.3457.9326_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D76E4367-183F-419C-A8AC-D063F5C429C2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.704.3457.9326_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F061DB43-A536-4FF1-8C33-B6D322CF3F1C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1DDA644A-3A70-4403-9BFD-588283C8D911}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{770449EB-61D8-4C7D-80AB-D7F8F975580A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8A7544DB-0FE7-47C5-BBA3-ECB57E763794}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{72B47C25-11A2-4A12-8CCB-18213331F628}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4EBFC8CC-E8D2-4927-AF2F-F8C8C8EDEED7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B7D54D5-BC82-44C8-9515-E317233893B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{97422594-952D-4077-B0F6-50E8E4259831}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7847E609-C936-48BD-AA12-4121BF75692D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{381FD68F-AF67-44D3-A7E8-907CF048BE37}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{19E1FB14-22EC-4DFD-894C-F04F23F8EAF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.258.498.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{24D679FA-029F-4A53-A41E-C87547F52BFC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-02-2025 08:52:20 Windows Update
28-02-2025 17:15:45 Instalační služba modulů systému Windows
03-03-2025 18:32:37 Windows Update
04-03-2025 18:03:39 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============
Name: Zařízení PCI
Description: Zařízení PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/01/2025 10:28:53 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-51AH7CS)
Description: Název chybující aplikace: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Název chybujícího modulu: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Kód výjimky: 0xc0000005
Posun chyby: 0x00119830
ID chybujícího procesu: 0x8bc
Čas spuštění chybující aplikace: 0x1db8a82098b7e90
Cesta k chybující aplikaci: D:\Games\BC3\Battlecry III.exe
Cesta k chybujícímu modulu: D:\Games\BC3\Battlecry III.exe
ID sestavy: 0784e597-f083-4c2e-a8ef-39be15af8336
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (03/01/2025 09:14:55 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-51AH7CS)
Description: Název chybující aplikace: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Název chybujícího modulu: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Kód výjimky: 0xc0000005
Posun chyby: 0x00119830
ID chybujícího procesu: 0x3cb4
Čas spuštění chybující aplikace: 0x1db8a81e945a7f6
Cesta k chybující aplikaci: D:\Games\BC3\Battlecry III.exe
Cesta k chybujícímu modulu: D:\Games\BC3\Battlecry III.exe
ID sestavy: eec097e2-5391-4b43-a9ad-b5586265703c
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (03/01/2025 01:01:28 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-51AH7CS)
Description: Název chybující aplikace: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Název chybujícího modulu: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x41351d68
Kód výjimky: 0xc0000005
Posun chyby: 0x00119830
ID chybujícího procesu: 0xb30
Čas spuštění chybující aplikace: 0x1db8a318edb3bed
Cesta k chybující aplikaci: D:\Games\BC3\Battlecry III.exe
Cesta k chybujícímu modulu: D:\Games\BC3\Battlecry III.exe
ID sestavy: 9f03558a-bc36-4c0e-8af4-2b9e921ef218
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (02/28/2025 08:04:26 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (02/28/2025 08:04:26 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (02/28/2025 12:23:55 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-51AH7CS)
Description: Název chybující aplikace: LeagueClient.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001958ff1a4e0
ID chybujícího procesu: 0x42c8
Čas spuštění chybující aplikace: 0x1db89d3400a73c4
Cesta k chybující aplikaci: C:\Users\FantoGir\Desktop\Games\Riot Games\League of Legends\LeagueClient.exe
Cesta k chybujícímu modulu: unknown
ID sestavy: 4b502440-4e0d-49cd-b27e-21a03793c942
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (02/27/2025 01:35:43 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-51AH7CS)
Description: Název chybující aplikace: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x00000000
Název chybujícího modulu: Battlecry III.exe, verze: 1.0.3.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000120
ID chybujícího procesu: 0x435c
Čas spuštění chybující aplikace: 0x1db89141d0fcd86
Cesta k chybující aplikaci: D:\Games\BC3\Battlecry III.exe
Cesta k chybujícímu modulu: D:\Games\BC3\Battlecry III.exe
ID sestavy: 89c1e53b-3fb6-4614-9e5a-fcfd6d3e3e2e
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:


System errors:
=============
Error: (03/04/2025 06:03:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba EternalCast Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (03/04/2025 06:03:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/04/2025 03:09:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/04/2025 03:09:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (03/04/2025 03:09:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba EternalCast Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.

Error: (03/04/2025 03:08:11 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/04/2025 12:22:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/04/2025 12:22:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba EternalCast Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 100 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2025-03-02 08:44:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-03-02 08:42:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1601 09/20/2018
Motherboard: ASUSTeK COMPUTER INC. PRIME B360M-A
Processor: Intel(R) Core(TM) i5-8400 CPU @ 2.80GHz
Percentage of memory in use: 56%
Total physical RAM: 16228.35 MB
Available physical RAM: 7121.68 MB
Total Virtual: 23652.35 MB
Available Virtual: 12045.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:893.47 GB) (Free:701.44 GB) (Model: ADATA SU650) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:59.83 GB) (Model: ST1000DM010-2EP102) NTFS
Drive e: (Fleška) (Removable) (Total:57.72 GB) (Free:30.01 GB) exFAT

\\?\Volume{579f20c8-55bf-42a4-aa5a-9d18fd0f570c}\ () (Fixed) (Total:0.67 GB) (Free:0.11 GB) NTFS
\\?\Volume{70fe9d73-f193-49b9-b662-7da7b3b0f24b}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 894.3 GB) (Disk ID: 400AC985)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 3060A0DF)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 57.8 GB) (Disk ID: 7B4C4F53)
Partition 1: (Active) - (Size=57.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[JaRon]

Ahoj,
pouzi fixlist s obsahom:
Start

U3 AVG Business Console Client Antivirus Service; no ImagePath
U3 avgBcc; no ImagePath
U3 avgbdisk; no ImagePath
S4 GSDriver; \SystemRoot\System32\drivers\GSDriver64.sys [X]

HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {a6e75939-8a3c-11ee-ac14-833ebfd4365b} - "E:\autorun.exe"
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {bc6ab1be-8c4f-11ee-ac14-833ebfd4365b} - "F:\autorun.exe"

EmptyTemp:

End

[Giraffe]

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-03-2025
Ran by FantoGir (04-03-2025 22:15:31) Run:2
Running from C:\Users\FantoGir\Desktop
Loaded Profiles: FantoGir
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

U3 AVG Business Console Client Antivirus Service; no ImagePath
U3 avgBcc; no ImagePath
U3 avgbdisk; no ImagePath
S4 GSDriver; \SystemRoot\System32\drivers\GSDriver64.sys [X]

HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {a6e75939-8a3c-11ee-ac14-833ebfd4365b} - "E:\autorun.exe"
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\...\MountPoints2: {bc6ab1be-8c4f-11ee-ac14-833ebfd4365b} - "F:\autorun.exe"

EmptyTemp:

End
*****************

AVG Business Console Client Antivirus Service => service not found.
HKLM\System\CurrentControlSet\Services\avgBcc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected
GSDriver => service not found.
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a6e75939-8a3c-11ee-ac14-833ebfd4365b} => not found
HKU\S-1-5-21-1493484511-2504686390-3813843252-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc6ab1be-8c4f-11ee-ac14-833ebfd4365b} => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10620025 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 51355 B
Edge => 0 B
Chrome => 176537987 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4676 B
NetworkService => 4676 B
FantoGir => -1929486 B

RecycleBin => 0 B
EmptyTemp: => 179.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-03-2025 22:17:29)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avgBcc => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected

==== End of Fixlog 22:17:29 ====

[JaRon]

Pokial Adwcleaner najde znovu PUP, tak restartuj PC do nudzoveho rezimu a daj ho odstranit
s Adwcleanerom

[Giraffe]

Bylo nutné použít Adwcleaner v nouzovém režimu. Teď to vypadá, že PUP je fuč. Děkuji za pomoc

[JaRon]

Niektore smejdy sa drzia pevnejsie
Za malo