Please check my log
Posted: 13 Feb 2021 19:06
Good evening,
please check the log. My girlfriend's computer is slowing down and freezing, and Avira reports several suspicious files and tr/crypt.xpack.gen.
Thank you very much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-02-2021
Ran by aja (administrator) on AJA-NTB (Hewlett-Packard HP Pavilion 15 Notebook PC) (13-02-2021 18:41:14)
Running from D:\Plocha
Loaded Profiles: aja
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\AutoHotkey\AutoHotkey.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Discord Inc. -> Discord Inc.) C:\Users\aja\AppData\Local\Discord\app-0.0.309\Discord.exe <6>
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\aja\AppData\Local\FluxSoftware\Flux\flux.exe
(GlavSoft LLC. -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hi-Rez Studios) [File not signed] D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Softland S.R.L. -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Spotify AB -> Spotify Ltd) C:\Users\aja\AppData\Roaming\Spotify\Spotify.exe <6>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2773232 2013-10-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705728 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [126200 2018-12-12] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Run: [f.lux] => C:\Users\aja\AppData\Local\FluxSoftware\Flux\flux.exe [1469968 2020-06-17] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Run: [Spotify] => C:\Users\aja\AppData\Roaming\Spotify\Spotify.exe [23722056 2021-02-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Run: [] => [X]
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Run: [Discord] => C:\Users\aja\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: F - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: V - V:\setup.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {50822d89-a616-11e8-aa85-a0d3c152f807} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {5f4fa7db-615c-11e9-873e-8056f275a1a2} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {5f4fa7ec-615c-11e9-873e-8056f275a1a2} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {7ee16692-b395-11e8-93a8-a0d3c152f807} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {999871d2-6be8-11e9-a7b2-8056f275a1a2} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\MountPoints2: {a8d56778-d315-11e5-908f-a0d3c152f807} - F:\autorun.exe
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [257024 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\doPDF 7 Monitor: C:\Windows\system32\dopdfmn7.dll [25888 2014-03-19] (Softland S.R.L. -> Softland)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\Windows\system32\hpz3lw72.dll [46080 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-08] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\aja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Registration Assassin's Creed.LNK [2016-04-28]
ShortcutTarget: Registration Assassin's Creed.LNK -> D:\Hry\Assassin's Creed\Register\RegistrationReminder.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\replacefunckeys.ahk [2018-07-26] () [File not signed]
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AEDDC88-E915-4650-B2E3-4489DFF45B90} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {13C7EB83-2A1A-42D7-A360-69E282AF456C} - \{FDE55449-AF58-4C4F-B28C-94B8154AA81A} -> No File <==== ATTENTION
Task: {1D31571A-D93E-4D54-AD64-3E3EB556A959} - \{981B7714-33E0-432F-A022-0BDDC2ECEA19} -> No File <==== ATTENTION
Task: {1F3500AC-E1DF-48DC-A5C0-FB0BB088F7F6} - \IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 -> No File <==== ATTENTION
Task: {29D02E91-67F0-4D37-8AE5-ED3BA2C2B4BD} - \{A845BF78-9E3E-4E5F-84B4-96B977815136} -> No File <==== ATTENTION
Task: {2A03F595-A8FA-48E4-AEA3-C3C284E565B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {2B0721A9-F356-4D55-95EE-F0B1A5900E64} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [233176 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2CFE7C26-7DB0-45B2-BC69-B6BD6A3F82F6} - \{816C3A3F-3DFC-4881-99CB-DEB6DE0B48D4} -> No File <==== ATTENTION
Task: {588572F1-85DE-4B98-A5A5-4F895D08ABF0} - \IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon -> No File <==== ATTENTION
Task: {5EF5FB2A-9E74-40E7-AB4C-F8F7806F044B} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon -> No File <==== ATTENTION
Task: {5FDC2A8C-88F6-4FA2-9654-60986524D9A6} - \ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d -> No File <==== ATTENTION
Task: {6FFEA7BB-303E-4378-80F4-795771F49269} - \StartDVR -> No File <==== ATTENTION
Task: {73DB9093-89F0-4F5A-9637-21AF08BAB9FC} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {8BC4DCC1-B9E1-4C4B-A538-8C08B0B3C60E} - \Avast Software\Overseer -> No File <==== ATTENTION
Task: {8E124E2B-E485-44EF-8E2C-CB97BD295EAD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-23] (Google Inc -> Google Inc.)
Task: {8E3F7C1B-F50A-4E86-83C9-1453B9B6A8A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2015-04-23] (Google Inc -> Google Inc.)
Task: {9B87201F-0FE4-45E4-887C-2F20D500F12F} - \AMDLinkUpdate -> No File <==== ATTENTION
Task: {B1A7C8FE-9B11-4F6A-87EB-6D88C1A6B3E9} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2649200 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {B8CAE4CA-BFB5-482D-B174-A143FA8FD504} - \Adobe Flash Player PPAPI Notifier -> No File <==== ATTENTION
Task: {DF79AF6C-2BED-402E-A374-388A2143DCA2} - \ModifyLinkUpdate -> No File <==== ATTENTION
Task: {F3328174-6D70-43E8-9FBF-8A41CFBDC2AC} - \StartCN -> No File <==== ATTENTION
Task: {F80EB2B8-5E55-44AB-BDB1-30DD05EF0298} - \Defraggler Volume C Task -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.120.250
Tcpip\..\Interfaces\{9B50915E-1AA6-4AD9-AD34-A0C9339CDD45}: [DhcpNameServer] 192.168.137.1
Tcpip\..\Interfaces\{B65319CF-2650-44F3-A9F4-A45F7F284BAA}: [DhcpNameServer] 192.168.120.250
FireFox:
========
FF ProfilePath: C:\Users\aja\AppData\Roaming\Mozilla\Firefox\Profiles\0yy4fbsg.default [2020-11-01]
FF user.js: detected! => C:\Users\aja\AppData\Roaming\Mozilla\Firefox\Profiles\0yy4fbsg.default\user.js [2018-06-07]
FF DownloadDir: C:\Users\Aja\Downloads
FF Homepage: Mozilla\Firefox\Profiles\0yy4fbsg.default -> hxxp://www.google.cz/
FF Session Restore: Mozilla\Firefox\Profiles\0yy4fbsg.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\aja\AppData\Roaming\Mozilla\Firefox\Profiles\0yy4fbsg.default\Extensions\abs@avira.com.xpi [2016-02-28] [Legacy]
FF Extension: (ChatZilla) - C:\Users\aja\AppData\Roaming\Mozilla\Firefox\Profiles\0yy4fbsg.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2016-01-07] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] (Adobe Systems Incorporated -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default [2021-02-13]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-11]
CHR Extension: (Dokumenty) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-11]
CHR Extension: (Disk Google) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (MEGA) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2021-02-11]
CHR Extension: (YouTube) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-11]
CHR Extension: (uBlock Origin) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-08]
CHR Extension: (Screen Recorder for Google Chrome™) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\eclbecdgdoahkliaijlpkigldlkojjdn [2020-10-14]
CHR Extension: (Adobe Acrobat) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-17]
CHR Extension: (Tabulky) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-11]
CHR Extension: (Avira Browser Safety) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\aja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-29]
CHR Profile: C:\Users\aja\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-3285070336-867792745-467015435-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\aja\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-10-05]
CHR HKU\S-1-5-21-3285070336-867792745-467015435-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1205960 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483432 2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573960 2021-01-14] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636592 2020-11-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [384360 2020-12-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [246168 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1579880 2013-12-27] (IVT CORPORATION -> IVT Corporation)
S3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-12-16] (IVT CORPORATION -> IVT Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23288 2018-12-12] (Intel(R) Driver & Support Assistant -> Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2019-06-24] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2018-06-11] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 hpqwmiex; C:\Users\aja\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2014-03-26] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [41760 2015-11-18] (Softland S.R.L. -> Microsoft)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-12-28] (Even Balance, Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC. -> GlavSoft LLC.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-15] (Microsoft Windows -> Microsoft Corporation)
S3 Intel(R) SUR QC SAM; "C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [222200 2020-11-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [178720 2020-05-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (Ralink Technology Corporation -> IVT Corporation)
S3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Mediatek Inc. -> Ralink Corporation)
S3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [50272 2013-12-16] (IVT CORPORATION -> Ralink Corporation)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-11-23] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-11-23] (Disc Soft Ltd -> Disc Soft Ltd)
R1 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [787576 2015-06-09] (Kasherlab Technology Inc. -> www.ext2fsd.com)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [1204936 2014-02-12] (Mediatek Inc. -> Ralink Technology, Corp.)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [752856 2015-05-29] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
U5 RTSUER; C:\Windows\System32\Drivers\RTSUER.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-15] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-15] (Microsoft Corporation) [File not signed]
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (Ralink Technology Corporation -> IVT Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 18:40 - 2021-02-13 18:42 - 000000000 ____D C:\FRST
2021-02-12 21:34 - 2021-02-12 21:34 - 000000017 _____ C:\Users\aja\AppData\Local\resmon.resmoncfg
2021-02-12 21:21 - 2021-02-12 21:22 - 000000000 ____D C:\Users\aja\AppData\Local\TeamViewer
2021-02-12 21:21 - 2021-02-12 21:21 - 000000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2021-02-07 21:57 - 2021-02-07 21:58 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\aja\Downloads\Zoom_cm_fik4fkwZ9vvrZo4_mCEbU7h-SZDwgbcuVAmr8ktGXDuJkFQMeqeU@JTrx2WoAS8F3AWlm_k0be628b127e0600e_.exe
2021-01-27 00:24 - 2021-01-27 00:25 - 000000000 ____D C:\Users\aja\AppData\Local\Discord
2021-01-19 13:58 - 2021-01-19 13:58 - 000253992 _____ (Cisco Webex LLC) C:\Users\aja\Downloads\webex.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-13 18:46 - 2017-08-27 19:38 - 000000000 ____D C:\Users\aja\AppData\Roaming\discord
2021-02-13 17:58 - 2019-06-30 18:32 - 000000000 ____D C:\Users\aja\AppData\Roaming\Spotify
2021-02-13 14:50 - 2009-07-14 05:45 - 000032448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-02-13 14:50 - 2009-07-14 05:45 - 000032448 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-02-13 14:43 - 2016-01-07 22:20 - 000000000 __SHD C:\Users\aja\IntelGraphicsProfiles
2021-02-13 14:42 - 2015-12-14 18:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-02-13 14:40 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-13 14:40 - 2009-07-14 05:45 - 000441064 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-12 21:23 - 2014-03-26 21:12 - 000116656 _____ C:\Users\aja\AppData\Local\GDIPFONTCACHEV1.DAT
2021-02-12 20:50 - 2011-04-12 09:34 - 000669830 _____ C:\Windows\system32\perfh005.dat
2021-02-12 20:50 - 2011-04-12 09:34 - 000141956 _____ C:\Windows\system32\perfc005.dat
2021-02-12 20:50 - 2009-07-14 06:13 - 001586648 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-12 20:50 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-02-12 20:25 - 2016-01-07 21:23 - 000000000 ____D C:\Users\aja\AppData\Roaming\vlc
2021-02-12 18:53 - 2015-12-14 19:08 - 000000000 ____D C:\Users\aja\AppData\Roaming\TeamViewer
2021-02-12 18:53 - 2014-03-26 20:53 - 000000000 ___HD C:\AMD
2021-02-12 18:11 - 2019-06-30 18:33 - 000000000 ____D C:\Users\aja\AppData\Local\Spotify
2021-02-12 18:04 - 2014-04-25 18:28 - 000000000 ____D C:\Windows\Minidump
2021-02-12 18:04 - 2014-03-26 22:19 - 000000000 ____D C:\Users\aja\AppData\Roaming\uTorrent
2021-02-10 01:03 - 2020-09-30 19:36 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 01:02 - 2018-09-21 23:34 - 000002063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-08 22:25 - 2015-04-23 11:56 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-05 16:47 - 2020-10-29 16:27 - 000003596 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2021-02-05 13:16 - 2016-02-01 22:49 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 13:16 - 2016-02-01 22:49 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-03 21:07 - 2020-10-29 16:28 - 000003668 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2021-02-03 12:12 - 2017-09-20 04:57 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2021-01-27 11:59 - 2017-10-05 08:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-01-27 00:25 - 2017-08-27 19:38 - 000000000 ____D C:\Users\aja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-01-27 00:25 - 2017-08-27 19:37 - 000000000 ____D C:\Users\aja\AppData\Local\SquirrelTemp
2021-01-21 21:28 - 2020-12-28 21:14 - 000000000 ____D C:\Users\aja\Documents\The Witcher 3
2021-01-18 09:08 - 2020-08-24 21:03 - 000032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories ========
2017-04-15 10:26 - 2017-07-04 13:07 - 007137216 _____ (Geek Unіnstaller) C:\Program Files\geek.exe
2014-06-15 23:52 - 2021-01-01 17:37 - 000011776 _____ () C:\Users\aja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-07-01 19:50 - 2020-07-01 19:50 - 000001456 _____ () C:\Users\aja\AppData\Local\psppirerc
2014-08-30 20:25 - 2014-09-02 20:53 - 000000600 _____ () C:\Users\aja\AppData\Local\PUTTY.RND
2020-07-01 19:50 - 2020-07-01 19:50 - 000000722 _____ () C:\Users\aja\AppData\Local\recently-used.xbel
2021-02-12 21:34 - 2021-02-12 21:34 - 000000017 _____ () C:\Users\aja\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-02-11 12:17
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2021
Ran by aja (13-02-2021 18:46:29)
Running from D:\Plocha
Windows 7 Professional Service Pack 1 (X64) (2014-03-26 19:21:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3285070336-867792745-467015435-500 - Administrator - Disabled)
aja (S-1-5-21-3285070336-867792745-467015435-1000 - Administrator - Enabled) => C:\Users\aja
Guest (S-1-5-21-3285070336-867792745-467015435-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
AutoHotkey 1.1.29.01 (HKLM\...\AutoHotkey) (Version: 1.1.29.01 - Lexikos)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.44.15540 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4500 (HKLM-x32\...\{9DC11D9A-6DCD-4064-8363-63914A0122AB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Cute Screen Recorder Free Version 1.6.0.8 (HKLM-x32\...\Cute Screen Recorder Free Version_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Flux) (Version: - f.lux Software LLC)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.7.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (HKLM\...\{AA6F009F-0CCD-4DD6-A462-28419C101D54}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 3.2.1.2664 - Kakao Corp.)
KeyboardTest V3.2 (HKLM\...\KeyboardTest_is1) (Version: 3.2 - PassMark Software)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
novaPDF 8 (HKLM\...\{8608C4B2-639F-4F52-9EC5-27E1D8798F6E}) (Version: 8.5.938 - Softland) Hidden
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{A53F3DB0-ECBA-4CA0-A4AC-518FA7347A02}) (Version: 8.6.942 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{A0B71772-5AC4-47D5-A175-99238C057B37}) (Version: 8.6.942 - Softland)
novaPDF 8 SDK COM (x64) (HKLM\...\{80DBAF1D-E308-43B6-8AA7-8F963391885D}) (Version: 8.6.942 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{BB360DC6-5476-44A0-9867-345A993587AB}) (Version: 8.6.942 - Softland)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
osu! (HKLM-x32\...\{2718f898-9bfa-4cb3-800a-fa7564e2d9ba}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{4d51be9e-36ca-4ea4-99cd-31ce8c801648}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PS_AIO_04_C4500_Software_Min (HKLM-x32\...\{CF408B76-8698-4298-B549-5E6A94931B64}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Ralink Bluetooth Stack (HKLM\...\{B346BD6C-AE56-7DD3-175C-2374C7113BCB}) (Version: 11.0.752.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Spotify) (Version: 1.1.52.687.gf5565fe5 - Spotify AB)
SRWare Iron verze 55.0.2900.1 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 55.0.2900.1 - SRWare)
Starshine 1.díl (HKLM-x32\...\{73B3C57B-3ED7-40DB-A554-32EB5D35F84E}) (Version: 1.00.000 - )
Starshine 2.díl (HKLM-x32\...\{2FA1102F-DE05-4E79-8CED-E5BAABFC2FEF}) (Version: 1.00.000 - )
Starshine 3.díl (HKLM-x32\...\{A7123032-A8DA-48AC-9F5D-0A3B14698375}) (Version: 1.00.000 - )
Starshine 4.díl (HKLM-x32\...\{C4ECF493-29C4-4CB7-903E-90C28F3D0C00}) (Version: 1.00.000 - )
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
TuneBlade (HKLM-x32\...\{55CB4047-9486-4D47-86B8-D8007F0D8540}) (Version: 1.8.0 - TuneBlade)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
VideoCam Suite (HKLM-x32\...\{8113EBFB-1524-4202-AECF-5F2C037FEF8C}) (Version: 1.00.821 - Panasonic) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3285070336-867792745-467015435-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BthSendToContextMenuExt] -> {CF373149-C3D9-4AEB-9CE8-BDD1D2FFFA5B} => C:\Windows\system32\BSAppShlExt.dll [2013-12-16] (IVT CORPORATION -> TODO: <公司名>)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\aja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\aja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\Chromium.lnk -> C:\Program Files (x86)\SRWare Iron\chrome.exe () -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-12-06 19:54 - 2018-12-06 19:54 - 000173432 _____ (AMD PMP-PE CB Code Signer v20180327 -> Advanced Micro Devices, Inc.) [File not signed] C:\Windows\system32\amdihk64.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000097280 _____ (Hewlett Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 001171456 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000307712 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000629248 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 10:56 - 2009-09-20 10:56 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000293376 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000931328 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2009-09-20 11:07 - 2009-09-20 11:07 - 000057856 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000203776 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000285184 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2009-09-20 11:07 - 2009-09-20 11:07 - 000485888 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
2010-10-22 12:08 - 2010-10-22 12:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000040960 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000038912 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\system32\hpzipr12.dll
2016-01-07 20:53 - 2015-12-31 15:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-22 11:08 - 2013-08-22 11:08 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-22 11:08 - 2013-08-22 11:08 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2014-03-26 22:55 - 2014-03-26 22:55 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.7523_none_508f21ccbcbbb7a8\msvcm90.dll
2014-03-26 22:54 - 2014-03-26 22:54 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2014-03-26 22:53 - 2014-03-26 22:53 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2015-09-25 22:34 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 8) (Whitelisted) ==========
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3285070336-867792745-467015435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-10-14 09:52 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2020-04-09 23:53 - 2020-04-10 00:04 - 000000501 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Livestreamer
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\aja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.120.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5F6B1FA5-0498-44EC-8ECB-325AFF201392}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{58E238F7-1057-46D3-840D-2BE44FA98C24}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{E555E798-E081-4D0A-86A7-E786E3512A7B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{07B1DD74-38BD-41D8-BC13-D8481FFB96D3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{0F92C657-7EFA-447F-97B8-2B5517934CB1}] => (Allow) C:\Users\aja\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{04A6ADA3-D4F7-4915-A80B-2F3931821DAB}] => (Allow) C:\Users\aja\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{877A562D-1622-40FD-9493-F8BBD8E51D08}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC. -> GlavSoft LLC.)
FirewallRules: [TCP Query User{05FB8F5B-ABBE-44B8-A873-3F1CCB41C680}D:\hry\warcraft iii\war3.exe] => (Allow) D:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{D6399B91-D2EB-41C0-93BD-3AEDEFDC3567}D:\hry\warcraft iii\war3.exe] => (Allow) D:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{A352CD74-F3C4-489C-8EAE-BC250F37B02C}D:\hry\cs16\hl.exe] => (Allow) D:\hry\cs16\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BC1BCED3-E083-4F64-9A0B-CE8BB42C36B4}D:\hry\cs16\hl.exe] => (Allow) D:\hry\cs16\hl.exe (Valve) [File not signed]
FirewallRules: [{17090002-63C5-4B64-A364-C88676642C04}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{6BD8BE7C-ED84-4030-80A4-D2ECB59F5B51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{079E7FB4-21B6-4CB7-8E00-7814C3CCDB23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68426033-68E1-4FCB-A983-2A6862E97582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{61C80B22-33D2-49BC-A43C-DB44B86B5A15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{AD6653D7-4530-44A3-866F-B745556DF24E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{E843EB28-4214-4DA3-A432-AC86B8C10392}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D05BE9D7-0D7C-46D4-84BB-1774B03D89CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{E9013AAC-0D67-400D-B978-DA54ACDED9FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{43BB1492-E98A-4873-A050-01DCF942F61B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{31BB9555-6B1D-4ACB-BB5B-008F0C353288}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{CB122C81-4005-4F91-9EC9-C170F0366EAF}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{BF950AD4-3AD9-4523-8B7A-2F478E220BA7}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{12C13813-7CF6-488D-AEF9-4A47C5E29AFC}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{63250475-385C-4A8D-9187-B009CFE9B0D0}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{CAFED2BD-013D-40AF-9749-FA888B989680}] => (Allow) D:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3898DF7B-0BE2-4C84-A021-B8BF95DFE6E9}] => (Allow) D:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7228E6DA-77BC-4654-9F6B-7DF119ACAC80}] => (Allow) D:\Hry\Hearthstone\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{9AEC69BF-70BC-451E-A0BB-D25E992964FC}] => (Allow) D:\Hry\Hearthstone\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{0789CD24-D8E7-4C50-93F7-A7DF953A9C32}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{C20335D3-0CB0-41DD-8B8E-29165FB21D37}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4D8BB909-C5D4-43B8-8945-DDD64D07A614}D:\hry\warcraft iii platinovka\war3.exe] => (Allow) D:\hry\warcraft iii platinovka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{2238B2BE-EC9D-4C6A-8257-8208F418DF56}D:\hry\warcraft iii platinovka\war3.exe] => (Allow) D:\hry\warcraft iii platinovka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{BA41ED42-7482-4527-80D6-C2FADECCEACA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4BD2F1A8-FF3D-4771-85F4-045DAEF0FE37}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9F0803E8-E2CF-49CC-9F19-6867410A3165}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{972D6CA6-5E2F-4B6D-84D8-52DA713449C9}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{4895B475-AA0C-4911-83ED-FDB8467A27D5}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{B4B3B143-827F-423E-886F-74E45C95DB9C}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [{AFBBFDC0-B84A-491A-91E4-37427E15F274}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8FC25935-9C9E-4576-8D67-B9CB19750375}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D354FBDE-AC24-460D-86F2-0CDB98A87B1C}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{B4AF84AA-591B-4FEB-8ED0-F2343230AF4A}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{60AC36D8-D012-49AE-9122-51CDCAF24B97}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{45F4D565-D423-423A-A7DD-F7CEAE35326B}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{DCE6A8C1-6B1A-4148-88E6-EE60D7F8F652}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Launcher.exe => No File
FirewallRules: [{A5CDBC47-BB2E-4249-8143-D88A4171AD26}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Launcher.exe => No File
FirewallRules: [{1AB90708-4CFD-484E-A5A0-7E53679B918F}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{1681D742-6475-42F2-9B59-7FA6AA187357}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [TCP Query User{0387DB6E-3D0C-46A9-95E6-2053D4A0A666}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{56751935-238B-4CC3-BE8D-DBD541AFC556}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [{6E1B9833-1550-4262-88C3-C70D7CC4C1EB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C094F1AE-73CE-486B-BA85-AB4F053CC843}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0C0DFA74-EF21-48A7-B677-82B1961356A0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A411D506-538C-474C-9FD8-FD7B4000ACA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{7C3F3FC4-A1D0-45AC-B69D-15FB97216549}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B6AC2127-41D4-42A7-8D8E-340D380B6DCD}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{2A03EA01-BEB1-45DC-BA1F-5CEE27B55FE1}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{CCB3238C-2BBE-4AE0-91AE-DA7AC7782C5D}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [TCP Query User{D959DA79-473A-4FA7-BE15-BD90EA90D3CE}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{6719C012-7C80-4356-9709-4F860E1DC191}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{8CCCF233-D6E5-48AC-9310-3EA8CCDCBEE0}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{73309E6B-EE7D-4187-968A-309B0690F542}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{3FD57E62-8ACB-405D-A788-8DA7A1BD64CF}D:\plocha\bulanci.exe] => (Allow) D:\plocha\bulanci.exe () [File not signed]
FirewallRules: [UDP Query User{ED70EF75-F22C-4731-8491-E7C2D11A1D4E}D:\plocha\bulanci.exe] => (Allow) D:\plocha\bulanci.exe () [File not signed]
FirewallRules: [{B1A34F38-E7E4-4904-8236-A3B1CD6BBB6F}] => (Allow) D:\Hry\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{09302FCD-99AB-4C14-AF36-32B3693D8AE3}] => (Allow) D:\Hry\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [TCP Query User{52B67638-CDCF-4D9A-BA09-4DA49D8A2342}D:\hry\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{BC831689-C6DD-4E8B-B6B0-0EF824A44A21}D:\hry\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{D5F8AF51-9076-474C-9DCC-1D51BBA7F20F}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{34E6D837-5D8F-4CFA-90E2-6E2DC0EFF8F7}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{920615D8-0B85-471C-AE8D-9926EB64991A}] => (Allow) D:\Hry\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{29502BDC-3D41-4870-B710-0CA5FADC4156}] => (Allow) D:\Hry\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{75B0D7B5-F880-4FAF-A03F-12A8825B021F}] => (Allow) D:\Hry\Steam\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{17138187-44A4-4878-A6FE-9B12B05E9AC6}] => (Allow) D:\Hry\Steam\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [TCP Query User{224DD891-9AD8-4AAF-B2AC-625D7CFEAD52}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{B433D18B-AA41-48A6-84D8-C44028D252D6}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{CDDE7470-C788-47C2-9295-AA204FDA792B}] => (Allow) D:\Hry\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{2EC5726A-FE9E-4F91-82FF-032C50EC7C96}] => (Allow) D:\Hry\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{877FBAEF-77ED-4D90-B980-D31667D9E470}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{00896ED6-6737-421D-A89F-D4A3E0B75F20}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ADC10144-E4D9-446D-AD73-995ED19DC0E2}] => (Allow) D:\Hry\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{C74F2163-546B-4DDF-874D-B7DAD9731F2F}] => (Allow) D:\Hry\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{FB7F0A2B-3F92-4C1D-A6D8-AFE431B14484}] => (Allow) D:\Hry\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{453C56AC-ADCC-4272-8793-5B476492C657}] => (Allow) D:\Hry\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{AD1A2463-D8B3-45B5-BF64-A6AD11C6D1B0}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{CA97A851-2E21-4829-AFCF-386891218B4E}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{367EB5BC-6B74-48FB-8099-9C8FE3317090}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{86080BBA-B98A-4947-9D69-48F8E42A0F4F}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{ACC29842-1088-485F-8CE0-0530839C0DA6}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{ACD1EA84-2B27-4037-A19F-D7AEB5D2A4AF}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{536A8B04-1D5C-4118-B9F5-29F751823357}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{E3514E0C-0677-4F02-8142-4F649D86A223}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [TCP Query User{04880BE5-44E0-4AB0-84E5-35101C302084}D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F017C83F-3734-4F07-A54E-0AB5C6E0E571}D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0A1F3159-9D14-457E-ADB8-8B5E59D4C9C7}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DA1CF9BC-2413-418D-B4B9-A1BE4DACF8BD}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6104E39F-F94C-4BB3-91A0-28A779F43C0F}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{D8F3E812-1EBD-4320-A6E6-CB900CB8EEEE}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{E7DDF157-E893-4F83-93A4-23698923C24C}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0F691D78-9DC5-4D31-BE14-C514AC8A7257}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{883FCB1C-3596-499B-870B-1D0002354667}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{079D33D8-A13A-47EA-B2A7-C64155AAC487}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7717AAB4-F1BA-4426-8CCD-C043DB44FDEB}] => (Allow) D:\Hry\Steam\steamapps\common\AION\NCLauncher.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{82DA82FD-FD05-4600-BA1E-C1280193BD40}] => (Allow) D:\Hry\Steam\steamapps\common\AION\NCLauncher.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{9BB5A51A-93E8-4EE9-97B7-419340248482}] => (Allow) D:\Program Files (x86)\TuneBlade\Tuneblade.exe (Breakfree Audio -> TuneBlade)
FirewallRules: [{6A9CAE43-8DD3-4837-8D3F-5506459BC9B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE1FFEA1-2D76-4CFC-A6A3-786BFB5FDBB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{118FB184-3046-4324-9884-5B33254C6404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4EF4A8A1-0157-4CAD-9542-8F3A0F7AB500}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{E8F5A5A8-CBD6-49F4-AE38-47F86ED82D01}D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{28E81B4D-6A97-4028-A4D4-DCE7E0629B76}D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{A944D78C-89C2-402D-9778-45F2474E782B}] => (Block) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{BB35B2C4-7B18-49D7-BC12-9161418AE1A5}] => (Block) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{4E2AAC03-6E6B-4EC3-95E9-47CEECA51744}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5365378-AC5E-4DEA-8162-AAF264DC7E28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3756D9C3-550E-441C-909A-34B4042DBE6A}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{5C804A77-2E0E-4F53-AAE7-45365595DFB6}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{9D9D26B4-5924-4B2E-89DE-0CB68E3D5898}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{45AF5749-161F-46D7-9402-328C92F7DA1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EC884E06-3350-4C71-84AE-E4F6770259FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7E4C34AA-F63B-4952-9E55-0C39A5E4EEFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{74C7CA42-A47C-4739-A924-4920255F778D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5168F6EF-784B-4548-AB3C-C14A678AC62D}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{87F33FD6-BAC9-418B-9AEC-13CEE55EC839}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{1E486AC9-1B94-4006-9468-A5D2C05FE3DD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:60 GB) (Free:2.88 GB) (5%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: Photosmart C4500 series
Description: Photosmart C4500 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2021 06:50:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 06:50:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/13/2021 12:07:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29737940
System errors:
=============
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (02/13/2021 04:04:26 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{B65319CF-2650-44F3-A9F4-A45F7F284BAA} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (02/13/2021 02:47:06 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{B65319CF-2650-44F3-A9F4-A45F7F284BAA} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (02/13/2021 02:43:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/13/2021 02:43:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (02/13/2021 02:42:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Windows Defender:
=================
CodeIntegrity:
==============
Date: 2021-02-13 18:08:42.808
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 18:08:42.789
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 16:08:51.762
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 16:08:51.737
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 14:09:26.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 14:09:26.282
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 12:09:07.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 12:09:07.041
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.14 10/04/2013
Motherboard: Hewlett-Packard 1970
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 91%
Total physical RAM: 3994.36 MB
Available physical RAM: 327.41 MB
Total Virtual: 8088.54 MB
Available Virtual: 2785.16 MB
==================== Drives ================================
Drive c: (Sedm) (Fixed) (Total:60 GB) (Free:2.88 GB) NTFS
Drive d: (Data) (Fixed) (Total:638.54 GB) (Free:18.63 GB) NTFS
\\?\Volume{a9df2ec4-b51a-11e3-a061-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 710FD2B4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.5 GB) - (Type=05)
==================== End of Addition.txt =======================
2021-02-12 21:34 - 2021-02-12 21:34 - 000000017 _____ () C:\Users\aja\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-02-11 12:17
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2021
Ran by aja (13-02-2021 18:46:29)
Running from D:\Plocha
Windows 7 Professional Service Pack 1 (X64) (2014-03-26 19:21:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3285070336-867792745-467015435-500 - Administrator - Disabled)
aja (S-1-5-21-3285070336-867792745-467015435-1000 - Administrator - Enabled) => C:\Users\aja
Guest (S-1-5-21-3285070336-867792745-467015435-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{EAA6C597-BD0D-454D-AEB7-FF0A57905C1C}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{8CBC102C-34F4-4EB9-9529-3B222367621F}) (Version: 3.7.0.6 - Intel) Hidden
µTorrent (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.414 - Adobe)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
AutoHotkey 1.1.29.01 (HKLM\...\AutoHotkey) (Version: 1.1.29.01 - Lexikos)
Avira (HKLM-x32\...\{161e6084-b0f5-43e8-86d8-09eda5c0893d}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{426D1710-5DFD-45E9-B11D-464792C5AD35}) (Version: 1.2.153.30452 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2101.2070 - Avira Operations GmbH & Co. KG) Hidden
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.37.1.24458 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.44.15540 - Avira Operations GmbH & Co. KG) Hidden
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG;)
Avira Software Updater (HKLM-x32\...\{9F45C615-6D95-47B5-BB0C-D78F6D15DE21}) (Version: 2.0.6.42639 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.10.0.11063 - Avira Operations GmbH & Co. KG) Hidden
Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4500 (HKLM-x32\...\{9DC11D9A-6DCD-4064-8363-63914A0122AB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Cute Screen Recorder Free Version 1.6.0.8 (HKLM-x32\...\Cute Screen Recorder Free Version_is1) (Version: - )
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{19BC09B5-F319-4A61-A878-475E7F7054EA}) (Version: 1.1.195.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Flux) (Version: - f.lux Software LLC)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.76.5239 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.7.4 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (HKLM\...\{AA6F009F-0CCD-4DD6-A462-28419C101D54}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
IMVU Avatar Chat Software (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\IMVU Avatar chat client software BETA) (Version: - )
Intel(R) Computing Improvement Program (HKLM\...\{93FE134F-7678-4D90-A849-6FF6EB28CCDF}) (Version: 2.4.04289 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{f0bbb6e9-80c3-4fe8-8691-b51d1281d69e}) (Version: 3.7.0.6 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
KakaoTalk (HKLM-x32\...\KakaoTalk) (Version: 3.2.1.2664 - Kakao Corp.)
KeyboardTest V3.2 (HKLM\...\KeyboardTest_is1) (Version: 3.2 - PassMark Software)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 cs)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
novaPDF 8 (HKLM\...\{8608C4B2-639F-4F52-9EC5-27E1D8798F6E}) (Version: 8.5.938 - Softland) Hidden
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{A53F3DB0-ECBA-4CA0-A4AC-518FA7347A02}) (Version: 8.6.942 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{A0B71772-5AC4-47D5-A175-99238C057B37}) (Version: 8.6.942 - Softland)
novaPDF 8 SDK COM (x64) (HKLM\...\{80DBAF1D-E308-43B6-8AA7-8F963391885D}) (Version: 8.6.942 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{BB360DC6-5476-44A0-9867-345A993587AB}) (Version: 8.6.942 - Softland)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
osu! (HKLM-x32\...\{2718f898-9bfa-4cb3-800a-fa7564e2d9ba}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{4d51be9e-36ca-4ea4-99cd-31ce8c801648}) (Version: latest - ppy Pty Ltd)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
PS_AIO_04_C4500_Software_Min (HKLM-x32\...\{CF408B76-8698-4298-B549-5E6A94931B64}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Ralink Bluetooth Stack (HKLM\...\{B346BD6C-AE56-7DD3-175C-2374C7113BCB}) (Version: 11.0.752.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.97.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Skype verze 8.59 (HKLM-x32\...\Skype_is1) (Version: 8.59 - Skype Technologies S.A.)
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spotify (HKU\S-1-5-21-3285070336-867792745-467015435-1000\...\Spotify) (Version: 1.1.52.687.gf5565fe5 - Spotify AB)
SRWare Iron verze 55.0.2900.1 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 55.0.2900.1 - SRWare)
Starshine 1.díl (HKLM-x32\...\{73B3C57B-3ED7-40DB-A554-32EB5D35F84E}) (Version: 1.00.000 - )
Starshine 2.díl (HKLM-x32\...\{2FA1102F-DE05-4E79-8CED-E5BAABFC2FEF}) (Version: 1.00.000 - )
Starshine 3.díl (HKLM-x32\...\{A7123032-A8DA-48AC-9F5D-0A3B14698375}) (Version: 1.00.000 - )
Starshine 4.díl (HKLM-x32\...\{C4ECF493-29C4-4CB7-903E-90C28F3D0C00}) (Version: 1.00.000 - )
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.19.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\The Witcher 2 - Assassins of Kings Enhanced Edition_is1) (Version: - GOG.com)
TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
TuneBlade (HKLM-x32\...\{55CB4047-9486-4D47-86B8-D8007F0D8540}) (Version: 1.8.0 - TuneBlade)
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
VideoCam Suite (HKLM-x32\...\{8113EBFB-1524-4202-AECF-5F2C037FEF8C}) (Version: 1.00.821 - Panasonic) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.1 - Sysprogs)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3285070336-867792745-467015435-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BthSendToContextMenuExt] -> {CF373149-C3D9-4AEB-9CE8-BDD1D2FFFA5B} => C:\Windows\system32\BSAppShlExt.dll [2013-12-16] (IVT CORPORATION -> TODO: <公司名>)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinCDEmu] -> {D0E37FD2-F675-426F-B09A-2CF37BA46FD5} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\aja\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-12-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-12-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2015-03-11] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-10-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinCDEmu] -> {A9901FCD-B4DF-43A1-BD5D-6C9F88679497} => C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll [2015-09-28] (Sysprogs OU) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2004-08-18] (On2.com) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\aja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\aja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3373c9ebc3a5e445\Chromium.lnk -> C:\Program Files (x86)\SRWare Iron\chrome.exe () -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2018-12-06 19:54 - 2018-12-06 19:54 - 000173432 _____ (AMD PMP-PE CB Code Signer v20180327 -> Advanced Micro Devices, Inc.) [File not signed] C:\Windows\system32\amdihk64.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000097280 _____ (Hewlett Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 001171456 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000307712 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] [File is in use] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000629248 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 10:56 - 2009-09-20 10:56 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 10:56 - 2009-09-20 10:56 - 000293376 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000931328 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2009-09-20 11:07 - 2009-09-20 11:07 - 000057856 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000203776 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000285184 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2009-09-20 11:07 - 2009-09-20 11:07 - 000485888 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
2010-10-22 12:08 - 2010-10-22 12:08 - 001039360 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000040960 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000038912 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\system32\hpzipr12.dll
2016-01-07 20:53 - 2015-12-31 15:15 - 000077312 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-08-22 11:08 - 2013-08-22 11:08 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-22 11:08 - 2013-08-22 11:08 - 000517120 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2019-03-27 23:48 - 2019-03-27 23:48 - 000115200 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2014-03-26 22:55 - 2014-03-26 22:55 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.7523_none_508f21ccbcbbb7a8\msvcm90.dll
2014-03-26 22:54 - 2014-03-26 22:54 - 000796672 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_88dcc0bf2fb1b808\MSVCR80.dll
2014-03-26 22:53 - 2014-03-26 22:53 - 000626688 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6229_none_d089f796442de10e\MSVCR80.dll
2015-09-25 22:34 - 2015-09-28 19:08 - 000255488 _____ (Sysprogs OU) [File not signed] C:\Program Files (x86)\WinCDEmu\x64\WinCDEmuContextMenu.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 8) (Whitelisted) ==========
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3285070336-867792745-467015435-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2014-02-24] (Microsoft Windows -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-10-14 09:52 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
2020-04-09 23:53 - 2020-04-10 00:04 - 000000501 _____ C:\Windows\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Livestreamer
HKU\S-1-5-21-3285070336-867792745-467015435-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\aja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.120.250
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: BtTray => "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: tvncontrol => "C:\Program Files\TightVNC\tvnserver.exe" -controlservice -slave
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5F6B1FA5-0498-44EC-8ECB-325AFF201392}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{58E238F7-1057-46D3-840D-2BE44FA98C24}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{E555E798-E081-4D0A-86A7-E786E3512A7B}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{07B1DD74-38BD-41D8-BC13-D8481FFB96D3}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (IVT CORPORATION -> IVT Corporation)
FirewallRules: [{0F92C657-7EFA-447F-97B8-2B5517934CB1}] => (Allow) C:\Users\aja\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{04A6ADA3-D4F7-4915-A80B-2F3931821DAB}] => (Allow) C:\Users\aja\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{877A562D-1622-40FD-9493-F8BBD8E51D08}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC. -> GlavSoft LLC.)
FirewallRules: [TCP Query User{05FB8F5B-ABBE-44B8-A873-3F1CCB41C680}D:\hry\warcraft iii\war3.exe] => (Allow) D:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{D6399B91-D2EB-41C0-93BD-3AEDEFDC3567}D:\hry\warcraft iii\war3.exe] => (Allow) D:\hry\warcraft iii\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{A352CD74-F3C4-489C-8EAE-BC250F37B02C}D:\hry\cs16\hl.exe] => (Allow) D:\hry\cs16\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{BC1BCED3-E083-4F64-9A0B-CE8BB42C36B4}D:\hry\cs16\hl.exe] => (Allow) D:\hry\cs16\hl.exe (Valve) [File not signed]
FirewallRules: [{17090002-63C5-4B64-A364-C88676642C04}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{6BD8BE7C-ED84-4030-80A4-D2ECB59F5B51}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{079E7FB4-21B6-4CB7-8E00-7814C3CCDB23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{68426033-68E1-4FCB-A983-2A6862E97582}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{61C80B22-33D2-49BC-A43C-DB44B86B5A15}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{AD6653D7-4530-44A3-866F-B745556DF24E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{E843EB28-4214-4DA3-A432-AC86B8C10392}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{D05BE9D7-0D7C-46D4-84BB-1774B03D89CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{E9013AAC-0D67-400D-B978-DA54ACDED9FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{43BB1492-E98A-4873-A050-01DCF942F61B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{31BB9555-6B1D-4ACB-BB5B-008F0C353288}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{CB122C81-4005-4F91-9EC9-C170F0366EAF}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{BF950AD4-3AD9-4523-8B7A-2F478E220BA7}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{12C13813-7CF6-488D-AEF9-4A47C5E29AFC}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{63250475-385C-4A8D-9187-B009CFE9B0D0}] => (Allow) D:\Hry\League of Legends\lol.launcher.exe (Riot Games, Inc. -> )
FirewallRules: [{CAFED2BD-013D-40AF-9749-FA888B989680}] => (Allow) D:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3898DF7B-0BE2-4C84-A021-B8BF95DFE6E9}] => (Allow) D:\Hry\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7228E6DA-77BC-4654-9F6B-7DF119ACAC80}] => (Allow) D:\Hry\Hearthstone\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{9AEC69BF-70BC-451E-A0BB-D25E992964FC}] => (Allow) D:\Hry\Hearthstone\Hearthstone\Hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{0789CD24-D8E7-4C50-93F7-A7DF953A9C32}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{C20335D3-0CB0-41DD-8B8E-29165FB21D37}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{4D8BB909-C5D4-43B8-8945-DDD64D07A614}D:\hry\warcraft iii platinovka\war3.exe] => (Allow) D:\hry\warcraft iii platinovka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{2238B2BE-EC9D-4C6A-8257-8208F418DF56}D:\hry\warcraft iii platinovka\war3.exe] => (Allow) D:\hry\warcraft iii platinovka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{BA41ED42-7482-4527-80D6-C2FADECCEACA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{4BD2F1A8-FF3D-4771-85F4-045DAEF0FE37}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{9F0803E8-E2CF-49CC-9F19-6867410A3165}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{972D6CA6-5E2F-4B6D-84D8-52DA713449C9}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{4895B475-AA0C-4911-83ED-FDB8467A27D5}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{B4B3B143-827F-423E-886F-74E45C95DB9C}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [{AFBBFDC0-B84A-491A-91E4-37427E15F274}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8FC25935-9C9E-4576-8D67-B9CB19750375}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D354FBDE-AC24-460D-86F2-0CDB98A87B1C}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{B4AF84AA-591B-4FEB-8ED0-F2343230AF4A}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx9.exe => No File
FirewallRules: [{60AC36D8-D012-49AE-9122-51CDCAF24B97}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{45F4D565-D423-423A-A7DD-F7CEAE35326B}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Dx10.exe => No File
FirewallRules: [{DCE6A8C1-6B1A-4148-88E6-EE60D7F8F652}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Launcher.exe => No File
FirewallRules: [{A5CDBC47-BB2E-4249-8143-D88A4171AD26}] => (Allow) D:\Hry\Assassin's Creed\AssassinsCreed_Launcher.exe => No File
FirewallRules: [{1AB90708-4CFD-484E-A5A0-7E53679B918F}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [{1681D742-6475-42F2-9B59-7FA6AA187357}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe (Microsoft) [File not signed]
FirewallRules: [TCP Query User{0387DB6E-3D0C-46A9-95E6-2053D4A0A666}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{56751935-238B-4CC3-BE8D-DBD541AFC556}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [{6E1B9833-1550-4262-88C3-C70D7CC4C1EB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C094F1AE-73CE-486B-BA85-AB4F053CC843}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{0C0DFA74-EF21-48A7-B677-82B1961356A0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{A411D506-538C-474C-9FD8-FD7B4000ACA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{7C3F3FC4-A1D0-45AC-B69D-15FB97216549}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B6AC2127-41D4-42A7-8D8E-340D380B6DCD}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{2A03EA01-BEB1-45DC-BA1F-5CEE27B55FE1}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [UDP Query User{CCB3238C-2BBE-4AE0-91AE-DA7AC7782C5D}D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\hry\steam\steamapps\common\paladins\binaries\win32\paladins.exe (Hi-Rez Studios, Inc. -> Hirez Studios, Inc.)
FirewallRules: [TCP Query User{D959DA79-473A-4FA7-BE15-BD90EA90D3CE}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [UDP Query User{6719C012-7C80-4356-9709-4F860E1DC191}D:\hry\flatout 2\flatout2.exe] => (Allow) D:\hry\flatout 2\flatout2.exe () [File not signed]
FirewallRules: [TCP Query User{8CCCF233-D6E5-48AC-9310-3EA8CCDCBEE0}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{73309E6B-EE7D-4187-968A-309B0690F542}D:\hry\call of duty 2\cod2mp_s.exe] => (Allow) D:\hry\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{3FD57E62-8ACB-405D-A788-8DA7A1BD64CF}D:\plocha\bulanci.exe] => (Allow) D:\plocha\bulanci.exe () [File not signed]
FirewallRules: [UDP Query User{ED70EF75-F22C-4731-8491-E7C2D11A1D4E}D:\plocha\bulanci.exe] => (Allow) D:\plocha\bulanci.exe () [File not signed]
FirewallRules: [{B1A34F38-E7E4-4904-8236-A3B1CD6BBB6F}] => (Allow) D:\Hry\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{09302FCD-99AB-4C14-AF36-32B3693D8AE3}] => (Allow) D:\Hry\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [TCP Query User{52B67638-CDCF-4D9A-BA09-4DA49D8A2342}D:\hry\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{BC831689-C6DD-4E8B-B6B0-0EF824A44A21}D:\hry\hearthstone\hearthstone\hearthstone.exe] => (Allow) D:\hry\hearthstone\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{D5F8AF51-9076-474C-9DCC-1D51BBA7F20F}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{34E6D837-5D8F-4CFA-90E2-6E2DC0EFF8F7}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{920615D8-0B85-471C-AE8D-9926EB64991A}] => (Allow) D:\Hry\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{29502BDC-3D41-4870-B710-0CA5FADC4156}] => (Allow) D:\Hry\Steam\steamapps\common\Subnautica\Subnautica.exe () [File not signed]
FirewallRules: [{75B0D7B5-F880-4FAF-A03F-12A8825B021F}] => (Allow) D:\Hry\Steam\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [{17138187-44A4-4878-A6FE-9B12B05E9AC6}] => (Allow) D:\Hry\Steam\steamapps\common\Limbo\limbo.exe (Playdead) [File not signed]
FirewallRules: [TCP Query User{224DD891-9AD8-4AAF-B2AC-625D7CFEAD52}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{B433D18B-AA41-48A6-84D8-C44028D252D6}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{CDDE7470-C788-47C2-9295-AA204FDA792B}] => (Allow) D:\Hry\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{2EC5726A-FE9E-4F91-82FF-032C50EC7C96}] => (Allow) D:\Hry\Steam\steamapps\common\CaptainSpirit\CaptainSpirit\Binaries\Win64\CaptainSpirit-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{877FBAEF-77ED-4D90-B980-D31667D9E470}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{00896ED6-6737-421D-A89F-D4A3E0B75F20}] => (Allow) D:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ADC10144-E4D9-446D-AD73-995ED19DC0E2}] => (Allow) D:\Hry\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{C74F2163-546B-4DDF-874D-B7DAD9731F2F}] => (Allow) D:\Hry\Steam\steamapps\common\Ori DE\oriDE.exe () [File not signed]
FirewallRules: [{FB7F0A2B-3F92-4C1D-A6D8-AFE431B14484}] => (Allow) D:\Hry\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{453C56AC-ADCC-4272-8793-5B476492C657}] => (Allow) D:\Hry\Steam\steamapps\common\Ori\ori.exe () [File not signed]
FirewallRules: [{AD1A2463-D8B3-45B5-BF64-A6AD11C6D1B0}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{CA97A851-2E21-4829-AFCF-386891218B4E}] => (Allow) D:\Hry\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{367EB5BC-6B74-48FB-8099-9C8FE3317090}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{86080BBA-B98A-4947-9D69-48F8E42A0F4F}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{ACC29842-1088-485F-8CE0-0530839C0DA6}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{ACD1EA84-2B27-4037-A19F-D7AEB5D2A4AF}D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe] => (Allow) D:\hry\world of warcraft ofic + battle.net\world of warcraft\world of warcraft\_retail_\utils\wowvoiceproxy.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{536A8B04-1D5C-4118-B9F5-29F751823357}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [{E3514E0C-0677-4F02-8142-4F649D86A223}] => (Allow) D:\Hry\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe (DONTNOD Entertainment) [File not signed]
FirewallRules: [TCP Query User{04880BE5-44E0-4AB0-84E5-35101C302084}D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{F017C83F-3734-4F07-A54E-0AB5C6E0E571}D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{0A1F3159-9D14-457E-ADB8-8B5E59D4C9C7}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{DA1CF9BC-2413-418D-B4B9-A1BE4DACF8BD}D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\hry\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{6104E39F-F94C-4BB3-91A0-28A779F43C0F}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [UDP Query User{D8F3E812-1EBD-4320-A6E6-CB900CB8EEEE}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_151\bin\javaw.exe
FirewallRules: [TCP Query User{E7DDF157-E893-4F83-93A4-23698923C24C}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0F691D78-9DC5-4D31-BE14-C514AC8A7257}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{883FCB1C-3596-499B-870B-1D0002354667}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{079D33D8-A13A-47EA-B2A7-C64155AAC487}C:\users\aja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\aja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7717AAB4-F1BA-4426-8CCD-C043DB44FDEB}] => (Allow) D:\Hry\Steam\steamapps\common\AION\NCLauncher.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{82DA82FD-FD05-4600-BA1E-C1280193BD40}] => (Allow) D:\Hry\Steam\steamapps\common\AION\NCLauncher.exe (NCSOFT Corporation -> NCSOFT Corporation)
FirewallRules: [{9BB5A51A-93E8-4EE9-97B7-419340248482}] => (Allow) D:\Program Files (x86)\TuneBlade\Tuneblade.exe (Breakfree Audio -> TuneBlade)
FirewallRules: [{6A9CAE43-8DD3-4837-8D3F-5506459BC9B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FE1FFEA1-2D76-4CFC-A6A3-786BFB5FDBB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{118FB184-3046-4324-9884-5B33254C6404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4EF4A8A1-0157-4CAD-9542-8F3A0F7AB500}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{E8F5A5A8-CBD6-49F4-AE38-47F86ED82D01}D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{28E81B4D-6A97-4028-A4D4-DCE7E0629B76}D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe] => (Allow) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{A944D78C-89C2-402D-9778-45F2474E782B}] => (Block) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{BB35B2C4-7B18-49D7-BC12-9161418AE1A5}] => (Block) D:\hry\the.witcher.2.assassins.of.kings.enhanced.edition-skidrow\the witcher 2 enhanced edition\bin\witcher2.exe () [File not signed]
FirewallRules: [{4E2AAC03-6E6B-4EC3-95E9-47CEECA51744}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5365378-AC5E-4DEA-8162-AAF264DC7E28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{3756D9C3-550E-441C-909A-34B4042DBE6A}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [UDP Query User{5C804A77-2E0E-4F53-AAE7-45365595DFB6}D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe] => (Block) D:\hry\steam\steamapps\common\paladins\binaries\win64\paladins.exe (Hirez Studios, Inc.) [File not signed]
FirewallRules: [{9D9D26B4-5924-4B2E-89DE-0CB68E3D5898}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{45AF5749-161F-46D7-9402-328C92F7DA1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EC884E06-3350-4C71-84AE-E4F6770259FE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7E4C34AA-F63B-4952-9E55-0C39A5E4EEFA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{74C7CA42-A47C-4739-A924-4920255F778D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5168F6EF-784B-4548-AB3C-C14A678AC62D}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{87F33FD6-BAC9-418B-9AEC-13CEE55EC839}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{1E486AC9-1B94-4006-9468-A5D2C05FE3DD}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:60 GB) (Free:2.88 GB) (5%)
Check "VSS" service
==================== Faulty Device Manager Devices ============
Name: Photosmart C4500 series
Description: Photosmart C4500 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (02/13/2021 06:50:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 06:50:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:28 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:28 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:27 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:27 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]
Operace:
Vytvoření instance serveru VSS
Error: (02/13/2021 02:42:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (02/13/2021 12:07:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 29737940
System errors:
=============
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (02/13/2021 04:47:24 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (02/13/2021 04:04:26 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{B65319CF-2650-44F3-A9F4-A45F7F284BAA} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (02/13/2021 02:47:06 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{B65319CF-2650-44F3-A9F4-A45F7F284BAA} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (02/13/2021 02:43:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/13/2021 02:43:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (02/13/2021 02:42:15 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Windows Defender:
=================
CodeIntegrity:
==============
Date: 2021-02-13 18:08:42.808
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 18:08:42.789
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 16:08:51.762
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 16:08:51.737
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 14:09:26.297
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 14:09:26.282
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 12:09:07.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
Date: 2021-02-13 12:09:07.041
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.14 10/04/2013
Motherboard: Hewlett-Packard 1970
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 91%
Total physical RAM: 3994.36 MB
Available physical RAM: 327.41 MB
Total Virtual: 8088.54 MB
Available Virtual: 2785.16 MB
==================== Drives ================================
Drive c: (Sedm) (Fixed) (Total:60 GB) (Free:2.88 GB) NTFS
Drive d: (Data) (Fixed) (Total:638.54 GB) (Free:18.63 GB) NTFS
\\?\Volume{a9df2ec4-b51a-11e3-a061-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 710FD2B4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.5 GB) - (Type=05)
==================== End of Addition.txt =======================