Pomalé PC
Napsal: 08 črc 2022 14:30
Zdravím, prosím o kontrolu logu kvůli pomalému PC a internetu. Díky 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2022
Ran by hemmp (administrator) on LAPTOP-J664RDVR (HP HP Laptop 15s-fq1xxx) (08-07-2022 15:04:00)
Running from C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp
Loaded Profiles: hemmp
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\HPAudioSwitch.exe
(C:\Users\hemmp\Downloads\FRST64.exe ->) (Seznam.cz, a.s. -> ) C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp\listicka.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(Discord Inc. -> Discord Inc.) C:\Users\hemmp\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEMN.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <45>
(explorer.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(explorer.exe ->) (Internet Info, s.r.o. -> ) C:\Users\hemmp\Downloads\FRST64.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0067181d6d0f8476\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.6.104.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\HP.MyHP.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1737_none_7dec0d8c7ca729de\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [1138976 2020-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [249712 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-06] (HP Inc.) [File not signed]
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [Discord] => C:\Users\hemmp\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [MicrosoftEdgeAutoLaunch_7F36051C283E0CF78DB6FF6826A4EF4A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\hemmp\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\hemmp\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Delete Cached Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Uninstall 22.111.0522.0002] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\22.111.0522.0002" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\MountPoints2: {497cddae-3fbd-11ec-a534-1418c377c86e} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\MountPoints2: {68a93f73-9384-11ec-a54c-1418c377c86e} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CDEFB30-1AF5-4F8C-9FC3-B787C664C54C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4962160 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" could not be unlocked. <==== ATTENTION
Task: {11D0AC55-0C44-425E-9486-E4B835EF7FEA} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {1FCCF53C-28C3-4FF6-A3E7-2360B292B5A3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {2055D609-0563-48B3-A35B-151033709FF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-18] (Google LLC -> Google LLC)
Task: {2345EA82-A433-474E-A2E0-585F186BAABB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [411280 2022-05-31] (HP Inc. -> HP Inc.)
Task: {3B69A0E1-1BEC-4F28-AE36-F12460350893} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {6CB03E39-7034-4FCF-80A0-B59D8CB78949} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {748F9E41-5483-46F6-9AB2-F34B18AD97A0} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4549112 2022-04-01] (McAfee, LLC -> McAfee, LLC)
Task: {76C611A1-1675-44AF-973F-9E21AFD9C257} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E87CA16-C356-45DA-8CAC-B23972266580} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B29CF1F4-0960-4B29-AA2A-809EB351AD22} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC945D25-4B9A-466F-B3DC-417340D70ADA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23374288 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0138E92-86DB-4A08-81DF-0D062C1EAE0D} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {D57ED56D-E505-48D1-BA7B-B2E713E1C99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-18] (Google LLC -> Google LLC)
Task: {EF3BFC06-618F-409E-B037-0245D8165A55} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.104\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {EF616530-E744-4090-A089-A4B7DAA44238} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {F449D259-3751-47EB-B9B2-7131B7B328DD} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {F692589D-492C-48FD-B23E-59B587E72374} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23374288 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ac6afac6-f443-473d-b368-87def6d84791}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hemmp\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-07]
Edge Notifications: Default -> hxxps://optolov.ru
Edge HomePage: Default -> hxxp://google.com/
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-08-22] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-08-22] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default [2022-07-08]
CHR HomePage: Default -> hxxp://www.nempe.cz/
CHR Extension: (McAfee® WebAdvisor) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-06-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-22]
CHR Extension: (FormApps Extension) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-08-18]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-07-01]
CHR Extension: (Kitten) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbfbdnbihgeniefagfpfgbfolmgnkmd [2022-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-18]
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-24]
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0032081656673931mcinstcleanup; C:\ProgramData\McInstTemp0032081656673931\McInst.exe [872896 2021-08-22] (McAfee, LLC -> McAfee, LLC)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [612720 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [612720 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8469160 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111312 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-28] (GOG Sp. z o.o. -> GOG.com)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe [765016 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe [763480 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe [760408 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe [763976 2022-05-26] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-06-30] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [789752 2021-08-22] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-24] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.6.104.0\\McCSPServiceHost.exe [2825792 2021-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1671760 2021-08-10] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-13] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\windows\system32\drivers\AmUStorU.sys [135296 2020-07-16] (Alcorlink Corp. -> )
R0 avgArDisk; C:\windows\System32\drivers\avgArDisk.sys [39064 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [232800 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdriver.sys [382680 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsh.sys [255208 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniv.sys [102624 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\windows\System32\drivers\avgElam.sys [25040 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\windows\System32\drivers\avgKbd.sys [45224 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [271744 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\windows\System32\drivers\avgNetHub.sys [549112 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [111192 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [86256 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [857600 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [662288 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [218736 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [322064 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 iaLPSS2_GPIO2_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-06-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-06-29] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-06-29] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_b535659b9405201a\iaLPSS2_UART2_ICL.sys [312600 2020-06-29] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\windows\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 tapexpressvpn; C:\windows\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 MpKslc5b2b263; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96C462A1-346C-4B27-ABB1-45361EE293B3}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-08 15:04 - 2022-07-08 15:04 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2022-07-08 15:03 - 2022-07-08 15:04 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\Seznam.cz
2022-07-08 15:03 - 2022-07-08 15:04 - 000000000 ____D C:\FRST
2022-07-08 15:02 - 2022-07-08 15:02 - 002369024 _____ (Farbar) C:\Users\hemmp\Downloads\FRST64 (1).exe
2022-07-08 14:53 - 2022-07-08 14:53 - 000000000 ___HD C:\$AV_AVG
2022-07-08 14:52 - 2022-07-08 14:53 - 013227192 _____ C:\Users\hemmp\Downloads\FRST64.exe
2022-07-08 12:58 - 2022-07-08 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-07-07 13:17 - 2022-07-07 13:17 - 000000000 ____D C:\Users\hemmp\Downloads\Jo Nesbo - Netopýr
2022-07-05 23:40 - 2022-07-05 23:40 - 000000000 ____D C:\Program Files (x86)\I-Doser Premium
2022-07-05 23:39 - 2022-07-05 23:39 - 000000000 ____D C:\Program Files (x86)\I-Doser
2022-07-05 23:27 - 2022-07-05 23:40 - 000000000 ____D C:\Users\hemmp\Documents\Dose Files
2022-07-03 14:31 - 2022-07-03 14:31 - 000000000 ____D C:\Users\hemmp\Downloads\Stephen King Temná věž - Pistolník
2022-07-03 12:41 - 2022-07-03 13:29 - 873778673 _____ C:\Users\hemmp\Downloads\Malý princ- nezkrácená verze, Pavel Vacek a Kateřina Liďáková AUDIOKNIHA .flac
2022-07-01 13:12 - 2022-07-01 13:12 - 000000000 ____D C:\ProgramData\McInstTemp0032081656673931
2022-06-27 14:59 - 2022-06-27 14:59 - 000025040 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgElam.sys
2022-06-25 14:03 - 2022-06-25 15:31 - 1606196828 _____ C:\Users\hemmp\Downloads\Control 2007 Drama Ian Curtis,Joy Division CZ Titulky.avi
2022-06-22 23:02 - 2022-07-07 13:05 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2022-06-21 20:30 - 2022-06-21 20:31 - 000000000 ____D C:\Users\hemmp\Desktop\Alpy 2022
2022-06-17 05:22 - 2022-06-17 05:22 - 002260480 _____ C:\windows\system32\TextInputMethodFormatter.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 001333760 _____ C:\windows\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000232288 _____ C:\windows\system32\containerdevicemanagement.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000104448 _____ C:\windows\system32\nettraceex.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000011787 _____ C:\windows\system32\DrtmAuthTxt.wim
2022-06-17 05:04 - 2022-06-17 05:04 - 000000000 ___HD C:\$WinREAgent
2022-06-16 16:24 - 2022-06-16 16:24 - 000000000 ____D C:\windows\system32\gf2engine
2022-06-16 12:54 - 2022-06-16 12:54 - 000000000 ____D C:\Users\hemmp\AppData\Local\AVG
2022-06-16 12:29 - 2022-06-16 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-06-16 12:29 - 2022-06-16 12:29 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-06-16 12:29 - 2015-12-18 12:00 - 000755200 _____ C:\windows\system32\xvidcore.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000674816 _____ C:\windows\SysWOW64\xvidcore.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000309248 _____ C:\windows\system32\xvidvfw.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000282112 _____ C:\windows\SysWOW64\xvidvfw.dll
2022-06-16 12:29 - 2015-10-24 19:00 - 000112128 _____ C:\windows\SysWOW64\ff_vfw.dll
2022-06-16 12:29 - 2015-02-28 18:22 - 003571200 _____ (x264vfw project) C:\windows\system32\x264vfw64.dll
2022-06-16 12:29 - 2015-02-28 18:21 - 003591680 _____ (x264vfw project) C:\windows\SysWOW64\x264vfw.dll
2022-06-16 12:29 - 2012-07-21 13:55 - 000180736 _____ (fccHandler) C:\windows\system32\ac3acm.acm
2022-06-16 12:29 - 2012-07-21 13:54 - 000122880 _____ (fccHandler) C:\windows\SysWOW64\ac3acm.acm
2022-06-16 12:29 - 2011-12-07 20:37 - 000148992 _____ ( ) C:\windows\system32\lagarith.dll
2022-06-16 12:29 - 2011-12-07 20:32 - 000216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2022-06-16 12:25 - 2022-07-04 18:32 - 000000000 ____D C:\Users\hemmp\AppData\Local\CrashDumps
2022-06-16 12:24 - 2022-07-07 13:05 - 000003250 _____ C:\windows\system32\Tasks\Antivirus Emergency Update
2022-06-16 12:24 - 2022-07-07 13:05 - 000002772 _____ C:\windows\system32\Tasks\DivXUpdate
2022-06-16 12:24 - 2022-06-16 12:24 - 000382680 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsdriver.sys
2022-06-16 12:24 - 2022-06-16 12:24 - 000322064 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgVmm.sys
2022-06-16 12:24 - 2022-06-16 12:24 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2022-06-16 12:24 - 2022-06-16 12:24 - 000002066 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2022-06-16 12:24 - 2022-06-16 12:24 - 000000000 ____D C:\windows\system32\Tasks\AVG
2022-06-16 12:24 - 2022-06-16 12:24 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\AVG
2022-06-16 12:24 - 2022-06-16 12:23 - 000857600 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSnx.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000662288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSP.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000549112 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgNetHub.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000271744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000269168 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2022-06-16 12:24 - 2022-06-16 12:23 - 000255208 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsh.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000232800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArPot.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000218736 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000111192 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRdr2.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000102624 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbuniv.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000086256 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRvrt.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000045224 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgKbd.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000039064 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArDisk.sys
2022-06-16 12:23 - 2022-06-18 17:59 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\DivX
2022-06-16 12:23 - 2022-06-16 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2022-06-16 12:23 - 2022-06-16 12:23 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-06-16 12:23 - 2022-06-16 12:23 - 000000000 ____D C:\Program Files\AVG
2022-06-16 12:22 - 2022-06-20 00:40 - 000000000 ____D C:\ProgramData\AVG
2022-06-16 12:22 - 2022-06-16 12:24 - 000000000 ____D C:\ProgramData\DivX
2022-06-16 12:22 - 2022-06-16 12:24 - 000000000 ____D C:\Program Files (x86)\DivX
2022-06-16 12:22 - 2022-06-16 12:22 - 004076208 _____ (DivX, LLC) C:\Users\hemmp\Downloads\DivXInstaller.exe
2022-06-14 01:24 - 2022-06-14 01:24 - 012951327 _____ C:\Users\hemmp\Downloads\freehra_playboy2003.rar
2022-06-11 22:43 - 2022-06-11 22:43 - 000587013 _____ C:\Users\hemmp\Downloads\eTicket_3906.pdf
2022-06-11 20:47 - 2022-06-11 21:23 - 665786243 _____ C:\Users\hemmp\Downloads\DNA Says Love You E12 END HARDSUB.mp4
2022-06-09 23:48 - 2022-06-10 00:24 - 663868237 _____ C:\Users\hemmp\Downloads\DNA Says Love You E11 HARDSUB (1).mp4
2022-06-09 23:07 - 2022-06-09 23:48 - 663868237 _____ C:\Users\hemmp\Downloads\DNA Says Love You E11 HARDSUB.mp4
2022-06-09 17:06 - 2022-06-09 17:42 - 664470213 _____ C:\Users\hemmp\Downloads\DNA Says Love You E10 HARDSUB.mp4
2022-06-09 16:28 - 2022-06-09 17:04 - 665413833 _____ C:\Users\hemmp\Downloads\DNA Says Love You E09 HARDSUB.mp4
2022-06-09 11:16 - 2022-06-09 11:52 - 663854816 _____ C:\Users\hemmp\Downloads\DNA Says Love You E08 HARDSUB.mp4
2022-06-09 09:22 - 2022-06-09 09:59 - 683085298 _____ C:\Users\hemmp\Downloads\DNA Says Love You E07 HARDSUB.mp4
2022-06-09 08:13 - 2022-06-09 08:50 - 683692646 _____ C:\Users\hemmp\Downloads\DNA Says Love You E06 HARDSUB.mp4
2022-06-08 19:14 - 2022-06-08 19:51 - 683493961 _____ C:\Users\hemmp\Downloads\DNA Says Love You E05 HARDSUB.mp4
2022-06-08 18:16 - 2022-06-08 18:54 - 683176152 _____ C:\Users\hemmp\Downloads\DNA Says Love You E04 HARDSUB.mp4
2022-06-08 16:15 - 2022-06-08 16:53 - 687820300 _____ C:\Users\hemmp\Downloads\DNA Says Love You E03 HARDSUB.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-08 15:04 - 2021-08-18 11:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-08 14:44 - 2021-08-09 22:40 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\discord
2022-07-08 14:42 - 2021-08-09 22:40 - 000000000 ____D C:\Users\hemmp\AppData\Local\Discord
2022-07-08 14:35 - 2020-05-06 10:58 - 000000000 ____D C:\windows\system32\SleepStudy
2022-07-08 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-07 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\windows\AppReadiness
2022-07-07 23:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-07 23:24 - 2020-12-02 03:39 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-07 23:24 - 2020-12-02 03:39 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-07 13:05 - 2021-12-11 19:20 - 000003058 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3792546399-3355871787-48867317-1001
2022-07-07 13:05 - 2021-08-18 11:57 - 000003402 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-07 13:05 - 2021-08-18 11:57 - 000003178 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-07 13:05 - 2021-08-02 19:58 - 000002854 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3792546399-3355871787-48867317-1001
2022-07-07 13:05 - 2021-05-14 10:46 - 000002850 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3792546399-3355871787-48867317-500
2022-07-07 13:05 - 2021-05-14 10:32 - 000002662 _____ C:\windows\system32\Tasks\McAfeeLogon
2022-07-07 13:05 - 2021-05-14 10:31 - 000002646 _____ C:\windows\system32\Tasks\McAfee Remediation (Prepare)
2022-07-07 13:05 - 2020-12-02 03:47 - 000002766 _____ C:\windows\system32\Tasks\HPAudioSwitch
2022-07-07 13:05 - 2020-12-02 03:38 - 000003568 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-07 13:05 - 2020-12-02 03:38 - 000003344 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-07 04:07 - 2021-08-06 19:08 - 000000000 ____D C:\Users\hemmp\Documents\The Witcher 3
2022-07-05 03:05 - 2021-08-18 11:58 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-05 03:05 - 2021-08-18 11:58 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-04 20:58 - 2020-12-02 12:19 - 000748614 _____ C:\windows\system32\perfh005.dat
2022-07-04 20:58 - 2020-12-02 12:19 - 000161152 _____ C:\windows\system32\perfc005.dat
2022-07-04 20:58 - 2020-05-06 11:03 - 001833340 _____ C:\windows\system32\PerfStringBackup.INI
2022-07-04 20:58 - 2019-12-07 11:13 - 000000000 ____D C:\windows\INF
2022-07-04 18:16 - 2020-12-02 03:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-07-02 11:43 - 2021-08-29 18:17 - 000021036 _____ C:\Users\hemmp\Documents\Nový textový dokument.txt
2022-07-01 13:12 - 2021-05-14 10:31 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-06-25 12:40 - 2021-05-14 10:22 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 11:40 - 2021-08-02 19:58 - 000000000 ___RD C:\Users\hemmp\OneDrive
2022-06-25 11:40 - 2021-05-14 11:03 - 000002384 _____ C:\Users\hemmp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-23 13:42 - 2021-05-14 11:09 - 000000000 __SHD C:\Users\hemmp\IntelGraphicsProfiles
2022-06-20 00:40 - 2021-05-14 11:03 - 000000000 ____D C:\Users\hemmp
2022-06-20 00:40 - 2020-12-02 03:38 - 000000000 ____D C:\Intel
2022-06-20 00:40 - 2020-05-06 10:58 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-20 00:40 - 2020-05-06 10:58 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-06-20 00:40 - 2019-12-07 11:14 - 000000000 ____D C:\windows\ServiceState
2022-06-20 00:40 - 2019-12-07 11:03 - 000786432 _____ C:\windows\system32\config\BBI
2022-06-19 05:34 - 2019-12-07 11:03 - 000000000 ____D C:\windows\CbsTemp
2022-06-18 17:58 - 2020-05-06 10:58 - 000551128 _____ C:\windows\system32\FNTCACHE.DAT
2022-06-18 17:57 - 2021-05-14 20:15 - 000000000 ____D C:\windows\HoloShell
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\lv-LV
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\lt-LT
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\et-EE
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\es-MX
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\Dism
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SystemResources
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\ShellExperiences
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\oobe
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\lv-LV
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\lt-LT
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\et-EE
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\es-MX
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\Dism
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\DDFs
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\bcastdvr
2022-06-18 17:57 - 2019-12-07 11:03 - 000000000 ____D C:\windows\servicing
2022-06-17 05:21 - 2020-05-06 11:01 - 002877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2022-06-17 04:59 - 2021-08-06 15:12 - 000000000 ____D C:\windows\system32\MRT
2022-06-17 04:55 - 2021-08-06 15:12 - 145918784 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-06-16 12:24 - 2019-12-07 11:14 - 000000000 ___HD C:\windows\ELAMBKUP
2022-06-13 16:49 - 2019-12-07 11:03 - 000032768 _____ C:\windows\system32\config\ELAM
2022-06-09 07:09 - 2021-08-09 22:40 - 000002234 _____ C:\Users\hemmp\Desktop\Discord.lnk
2022-06-09 07:09 - 2021-08-02 20:16 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2022
Ran by hemmp (08-07-2022 15:06:37)
Running from C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2021-05-14 09:00:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3792546399-3355871787-48867317-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3792546399-3355871787-48867317-503 - Limited - Disabled)
Guest (S-1-5-21-3792546399-3355871787-48867317-501 - Limited - Disabled)
hemmp (S-1-5-21-3792546399-3355871787-48867317-1001 - Administrator - Enabled) => C:\Users\hemmp
WDAGUtilityAccount (S-1-5-21-3792546399-3355871787-48867317-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.5.3235 - AVG Technologies)
Basemental Drugs (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\{AE33B5C0-AA1E-4984-BF9E-7434A5C8E7E5}}_is1) (Version: 7.13.142 - Basemental GameMods)
Basemental Gangs (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\{0CC0B732-CF1A-44E2-8590-07244DDBA53E}}_is1) (Version: 6.18.55 - Basemental GameMods)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
Discord (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.9.0 - DivX, LLC)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
I-Doser 4.50 (HKLM-x32\...\I-Doser 4.50) (Version: - )
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2022.2.25.13 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R37 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.44 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
The Sims 3 Ultimate Collection verze 1.67.2 (HKLM-x32\...\The Sims 3 Ultimate Collection_is1) (Version: 1.67.2 - EA Games)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.726 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-01-30] (Amazon.com)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.51091.0_x64__8wekyb3d8bbwe [2022-05-17] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-01-30] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-03-23] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.15.226.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.1.0_x64__v10z8vjag6ke6 [2022-03-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-01-30] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10203.0_x64__v10z8vjag6ke6 [2022-06-04] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.18.43.0_x64__v10z8vjag6ke6 [2022-07-01] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-23] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-04] (INTEL CORP)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-01-30] (McAfee LLC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10620.425.0_x64__8wekyb3d8bbwe [2022-07-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-06-17] (0)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6 [2022-06-17] (HP Inc.) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-20] (INTEL CORP) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-01-30] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-06-25] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-10-21] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-10-21] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials.lnk -> C:\Program Files (x86)\Online Services\Adobe\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?type=103&RedeemCode=XWG8TK9Ra8EZ3XZx%2bwmd30DKk67n3jpft%2fpCWyY56PBmMS3gJE1mlN4wWb9WB1ycC0%2bBYHGPxF3k2WyW3dO7zbPNLRT663cWZantFwavwlNa6g52OSApBIAHZeCF%2bK2Xtmiyaa20Q8EklEVoMy1DwyOiXO%2f6pPYL%2fymzL6DCzcE%3d
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utomik - Play over 1000 games.lnk -> C:\Program Files (x86)\Online Services\Utomik\WizLink.exe () -> hxxps://www.utomik.com/hp_desktop
==================== Loaded Modules (Whitelisted) =============
2020-12-02 03:42 - 2020-12-02 03:42 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\4a3769626565d5b38994a350ecd077f7\Interop.IWshRuntimeLibrary.ni.dll
2022-06-21 16:49 - 2022-06-21 16:49 - 000134656 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\e8c0202b75b88f80a49b29ee7dd59c05\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-05-14 10:29 - 2021-05-14 10:29 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2022-04-20 15:19 - 2022-04-20 15:19 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\0346d007fe845aca86073384bc6faa0d\NAudio.ni.dll
2021-11-14 21:09 - 2021-11-14 21:09 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 003060736 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ffa925098478e9512799d9bdb2fcb126\Newtonsoft.Json.ni.dll
2022-06-21 16:49 - 2022-06-21 16:49 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\5ce59cbc54a4f8e4c7cca616c9ee2d63\log4net.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3792546399-3355871787-48867317-1001 -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-06-17] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-05-31] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-06-17] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-05-31] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2021-09-22 12:53 - 000002192 _____ C:\windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hemmp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F45DC0AC-E979-44BB-B9F9-BBAE2B56CDC3}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{24B82088-66C6-4575-BD15-519ECE877125}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{173FB6C9-9CC0-4640-A52A-3943CE0AC795}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [TCP Query User{A0237CA3-05C3-4EA6-9EB2-A11A7F55BD87}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{ABC4854C-34D2-4C46-B197-A6345D90E1DD}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{39E56E28-50F3-44FC-9D34-34DBBC47BFDF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08A41440-A3B2-483A-94F9-DF071DF46122}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8C4338E4-F894-4D76-864B-808F344336F8}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A161B331-E713-4B56-85D4-B3A9DCA3060D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01188F80-5EBA-40F7-874E-2649A781AAB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E275531-643E-4526-B971-181491D90E63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5ABE7A44-38EF-4D1D-A5F7-B112388DF916}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36FA3FF1-6B8A-4236-A264-E1E90557DCC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1578B02-C193-4D94-B27F-543D965CCD2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88C3641F-E360-4787-910B-C3AAFB7DA987}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66A804B4-658F-4579-AD93-65D332D62F87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3F555B30-4F54-456F-B272-E0FB0A24CC04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79387ED4-6D1E-44A8-AE6F-DACB31205611}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{483FAE29-75BE-4B94-ACF8-A56DE8E7D6D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DDC012D-5EC3-4208-A082-D3A191459DBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74054E4C-B0C3-49F7-A03B-45D3E4738074}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF8648A7-E8AA-471F-8342-705272AE474E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
05-07-2022 19:32:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/04/2022 06:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GalaxyOverlay.exe, verze: 2.0.8.28, časové razítko: 0x62665951
Název chybujícího modulu: VCRUNTIME140.dll, verze: 14.29.30135.0, časové razítko: 0x612d902b
Kód výjimky: 0xc0000005
Posun chyby: 0x000032ae
ID chybujícího procesu: 0x7cb0
Čas spuštění chybující aplikace: 0x01d88fc3a2002831
Cesta k chybující aplikaci: C:\ProgramData\GOG.com\Galaxy\redists\overlay\GalaxyOverlay.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\VCRUNTIME140.dll
ID zprávy: 1d1bb7f0-2713-4419-854b-64954e13e6c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/01/2022 03:12:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AppHelperCap.exe, verze: 1.44.3002.0, časové razítko: 0x628e7924
Název chybujícího modulu: AppHelperCap.exe, verze: 1.44.3002.0, časové razítko: 0x628e7924
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001c6c8
ID chybujícího procesu: 0x3f30
Čas spuštění chybující aplikace: 0x01d88d3b96634aed
Cesta k chybující aplikaci: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
Cesta k chybujícímu modulu: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
ID zprávy: 0f9f28e6-00c2-4d52-8977-1ab81d577118
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/17/2022 05:55:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HPBackgroundProcess.exe verze 1.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3260
Čas spuštění: 01d87f34c8f6edc4
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
ID hlášení: 4fff67cd-bd45-4e07-b1a3-8eb7d9bb5c7e
Úplný název balíčku s chybou: AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (06/16/2022 12:29:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x2948
Čas spuštění chybující aplikace: 0x01d8816bfd8be406
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19096.3525\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: 46010ea1-0f94-4917-a271-043e04708ebe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:26:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x49f8
Čas spuštění chybující aplikace: 0x01d8816b78afba69
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19096.29996\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: 2c1c6c9e-ed58-49a1-bfb7-0734285678d5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x4b00
Čas spuštění chybující aplikace: 0x01d8816b5f74d9e9
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19072.27091\Playboy 2003\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: e9a16146-e430-4859-8e62-307dc343274e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:20:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x3844
Čas spuštění chybující aplikace: 0x01d8816aa38f0bb8
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19072.45030\Playboy 2003\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: bc6cf3ca-6e5a-4323-a0fc-9f333890300a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/14/2022 01:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x3ae0
Čas spuštění chybující aplikace: 0x01d87f7d483db9a7
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa11356.5651\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: fdc74b38-4420-4668-80a3-46076fbc7774
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/06/2022 10:59:23 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-J664RDVR)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/06/2022 10:57:23 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-J664RDVR)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/04/2022 06:13:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (07/04/2022 02:23:44 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (e4:19:c1:f9:86:1b) se nezdařilo.
Error: (07/04/2022 02:20:09 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (e4:19:c1:f9:86:1b) se nezdařilo.
Error: (07/01/2022 03:12:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/18/2022 05:58:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba AppXSvc závisí na službě StateRepository, která neuspěla při spuštění v důsledku následující chyby:
Operace byla dokončena úspěšně.
Error: (06/18/2022 05:57:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Audiosrv neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Windows Defender:
================
Date: 2022-06-14 00:48:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hemmp\Downloads\Playboy2003.exe; webfile:_C:\Users\hemmp\Downloads\Playboy2003.exe|https://dl.slunecnice.cz/lista/win/p/Pl ... 0005545216
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-J664RDVR\hemmp
Název procesu: C:\Program Files\Google\Chrome\Application\chrome.exe
Verze bezpečnostních informací: AV: 1.367.1486.0, AS: 1.367.1486.0, NIS: 1.367.1486.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Date: 2022-06-14 00:46:48
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hemmp\Downloads\Playboy2003.exe; webfile:_C:\Users\hemmp\Downloads\Playboy2003.exe|https://dl.slunecnice.cz/lista/win/p/Pl ... 0005545216
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-J664RDVR\hemmp
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1486.0, AS: 1.367.1486.0, NIS: 1.367.1486.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Date: 2022-06-11 21:30:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6992B980-8CE1-4521-A9D4-D4972E59DC6F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-06-08 16:25:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F9F4F6E7-8A82-4021-AB7A-BAB2569D730F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-06-07 14:32:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8847A2FB-339C-4936-BFAF-BF606A724721}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-07-08 15:06:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-07-08 15:06:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.25 03/09/2022
Motherboard: HP 86C9
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 88%
Total physical RAM: 7880.73 MB
Available physical RAM: 937.99 MB
Total Virtual: 21148.64 MB
Available Virtual: 5635.7 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:9.5 GB) (Model: INTEL SSDPEKNW512G8H) NTFS
\\?\Volume{22a01628-5552-4fed-9d1e-13fa4b38ba4b}\ (Windows RE tools) (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS
\\?\Volume{f4a1a17b-8888-4179-a21e-cfaa9518f537}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 67B16628)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2022
Ran by hemmp (administrator) on LAPTOP-J664RDVR (HP HP Laptop 15s-fq1xxx) (08-07-2022 15:04:00)
Running from C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp
Loaded Profiles: hemmp
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe <2>
(C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\HPAudioSwitch.exe
(C:\Users\hemmp\Downloads\FRST64.exe ->) (Seznam.cz, a.s. -> ) C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp\listicka.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(Discord Inc. -> Discord Inc.) C:\Users\hemmp\AppData\Local\Discord\app-1.0.9005\Discord.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxEMN.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (GOG Sp. z o.o. -> GOG.com) C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <45>
(explorer.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(explorer.exe ->) (Internet Info, s.r.o. -> ) C:\Users\hemmp\Downloads\FRST64.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (win.rar GmbH -> Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(GOG Sp. z o.o. -> GOG.com) C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ba273d0ffb93e225\RstMwService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b8e01d9e8716d2a7\igfxCUIServiceN.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_54b736e5be5b50b2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_0067181d6d0f8476\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.6.104.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_4\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6\HP.MyHP.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\VUL\McVulCtr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1737_none_7dec0d8c7ca729de\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [1138976 2020-08-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [249712 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-06] (HP Inc.) [File not signed]
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14074968 2022-06-05] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [Discord] => C:\Users\hemmp\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [MicrosoftEdgeAutoLaunch_7F36051C283E0CF78DB6FF6826A4EF4A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\hemmp\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\hemmp\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Delete Cached Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\RunOnce: [Uninstall 22.111.0522.0002] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hemmp\AppData\Local\Microsoft\OneDrive\22.111.0522.0002" (No File)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\MountPoints2: {497cddae-3fbd-11ec-a534-1418c377c86e} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\MountPoints2: {68a93f73-9384-11ec-a54c-1418c377c86e} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CDEFB30-1AF5-4F8C-9FC3-B787C664C54C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4962160 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" could not be unlocked. <==== ATTENTION
Task: {11D0AC55-0C44-425E-9486-E4B835EF7FEA} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {1FCCF53C-28C3-4FF6-A3E7-2360B292B5A3} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1032448 2021-08-02] (McAfee, LLC -> McAfee, LLC)
Task: {2055D609-0563-48B3-A35B-151033709FF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-18] (Google LLC -> Google LLC)
Task: {2345EA82-A433-474E-A2E0-585F186BAABB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [411280 2022-05-31] (HP Inc. -> HP Inc.)
Task: {3B69A0E1-1BEC-4F28-AE36-F12460350893} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2287472 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {6CB03E39-7034-4FCF-80A0-B59D8CB78949} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {748F9E41-5483-46F6-9AB2-F34B18AD97A0} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4549112 2022-04-01] (McAfee, LLC -> McAfee, LLC)
Task: {76C611A1-1675-44AF-973F-9E21AFD9C257} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9E87CA16-C356-45DA-8CAC-B23972266580} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B29CF1F4-0960-4B29-AA2A-809EB351AD22} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC945D25-4B9A-466F-B3DC-417340D70ADA} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23374288 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0138E92-86DB-4A08-81DF-0D062C1EAE0D} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {D57ED56D-E505-48D1-BA7B-B2E713E1C99A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-08-18] (Google LLC -> Google LLC)
Task: {EF3BFC06-618F-409E-B037-0245D8165A55} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.104\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {EF616530-E744-4090-A089-A4B7DAA44238} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [757944 2021-05-06] (McAfee, LLC -> McAfee, LLC)
Task: {F449D259-3751-47EB-B9B2-7131B7B328DD} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {F692589D-492C-48FD-B23E-59B587E72374} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23374288 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ac6afac6-f443-473d-b368-87def6d84791}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hemmp\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-07]
Edge Notifications: Default -> hxxps://optolov.ru
Edge HomePage: Default -> hxxp://google.com/
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-08-22] (McAfee, LLC -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-08-22] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default [2022-07-08]
CHR HomePage: Default -> hxxp://www.nempe.cz/
CHR Extension: (McAfee® WebAdvisor) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-06-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-22]
CHR Extension: (FormApps Extension) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2021-08-18]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-07-01]
CHR Extension: (Kitten) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbfbdnbihgeniefagfpfgbfolmgnkmd [2022-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-18]
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-12-24]
CHR Profile: C:\Users\hemmp\AppData\Local\Google\Chrome\User Data\System Profile [2021-12-15]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0032081656673931mcinstcleanup; C:\ProgramData\McInstTemp0032081656673931\McInst.exe [872896 2021-08-22] (McAfee, LLC -> McAfee, LLC)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [612720 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [612720 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8469160 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12111312 2022-07-03] (Microsoft Corporation -> Microsoft Corporation)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2275928 2022-06-05] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7166552 2022-04-28] (GOG Sp. z o.o. -> GOG.com)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe [765016 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe [763480 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe [760408 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe [763976 2022-05-26] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-06-30] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe [789752 2021-08-22] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [589592 2020-06-24] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.6.104.0\\McCSPServiceHost.exe [2825792 2021-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [652232 2021-05-11] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1671760 2021-08-10] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4288832 2021-08-13] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\windows\system32\drivers\AmUStorU.sys [135296 2020-07-16] (Alcorlink Corp. -> )
R0 avgArDisk; C:\windows\System32\drivers\avgArDisk.sys [39064 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [232800 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdriver.sys [382680 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsh.sys [255208 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniv.sys [102624 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\windows\System32\drivers\avgElam.sys [25040 2022-06-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\windows\System32\drivers\avgKbd.sys [45224 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [271744 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\windows\System32\drivers\avgNetHub.sys [549112 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [111192 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [86256 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [857600 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [662288 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [218736 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [322064 2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 cfwids; C:\windows\System32\drivers\cfwids.sys [80400 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 iaLPSS2_GPIO2_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_gpio2_icl.inf_amd64_90beccc7e046abab\iaLPSS2_GPIO2_ICL.sys [132872 2020-06-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-06-29] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_SPI_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_spi_icl.inf_amd64_66a759065dfa6f64\iaLPSS2_SPI_ICL.sys [160024 2020-06-29] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_UART2_ICL; C:\windows\System32\DriverStore\FileRepository\ialpss2_uart2_icl.inf_amd64_b535659b9405201a\iaLPSS2_UART2_ICL.sys [312600 2020-06-29] (Intel Corporation -> Intel Corporation)
R3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [550944 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\windows\System32\drivers\mfeavfk.sys [390664 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [85952 2021-05-19] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [527368 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\windows\System32\drivers\mfehidk.sys [1037320 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [590032 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [120512 2021-04-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\windows\System32\drivers\mfeplk.sys [121352 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [257552 2021-05-19] (McAfee, Inc. -> McAfee, LLC)
R3 tapexpressvpn; C:\windows\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 MpKslc5b2b263; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96C462A1-346C-4B27-ABB1-45361EE293B3}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-08 15:04 - 2022-07-08 15:04 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2022-07-08 15:03 - 2022-07-08 15:04 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\Seznam.cz
2022-07-08 15:03 - 2022-07-08 15:04 - 000000000 ____D C:\FRST
2022-07-08 15:02 - 2022-07-08 15:02 - 002369024 _____ (Farbar) C:\Users\hemmp\Downloads\FRST64 (1).exe
2022-07-08 14:53 - 2022-07-08 14:53 - 000000000 ___HD C:\$AV_AVG
2022-07-08 14:52 - 2022-07-08 14:53 - 013227192 _____ C:\Users\hemmp\Downloads\FRST64.exe
2022-07-08 12:58 - 2022-07-08 12:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2022-07-07 13:17 - 2022-07-07 13:17 - 000000000 ____D C:\Users\hemmp\Downloads\Jo Nesbo - Netopýr
2022-07-05 23:40 - 2022-07-05 23:40 - 000000000 ____D C:\Program Files (x86)\I-Doser Premium
2022-07-05 23:39 - 2022-07-05 23:39 - 000000000 ____D C:\Program Files (x86)\I-Doser
2022-07-05 23:27 - 2022-07-05 23:40 - 000000000 ____D C:\Users\hemmp\Documents\Dose Files
2022-07-03 14:31 - 2022-07-03 14:31 - 000000000 ____D C:\Users\hemmp\Downloads\Stephen King Temná věž - Pistolník
2022-07-03 12:41 - 2022-07-03 13:29 - 873778673 _____ C:\Users\hemmp\Downloads\Malý princ- nezkrácená verze, Pavel Vacek a Kateřina Liďáková AUDIOKNIHA .flac
2022-07-01 13:12 - 2022-07-01 13:12 - 000000000 ____D C:\ProgramData\McInstTemp0032081656673931
2022-06-27 14:59 - 2022-06-27 14:59 - 000025040 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgElam.sys
2022-06-25 14:03 - 2022-06-25 15:31 - 1606196828 _____ C:\Users\hemmp\Downloads\Control 2007 Drama Ian Curtis,Joy Division CZ Titulky.avi
2022-06-22 23:02 - 2022-07-07 13:05 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2022-06-21 20:30 - 2022-06-21 20:31 - 000000000 ____D C:\Users\hemmp\Desktop\Alpy 2022
2022-06-17 05:22 - 2022-06-17 05:22 - 002260480 _____ C:\windows\system32\TextInputMethodFormatter.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 001333760 _____ C:\windows\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000232288 _____ C:\windows\system32\containerdevicemanagement.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000104448 _____ C:\windows\system32\nettraceex.dll
2022-06-17 05:22 - 2022-06-17 05:22 - 000011787 _____ C:\windows\system32\DrtmAuthTxt.wim
2022-06-17 05:04 - 2022-06-17 05:04 - 000000000 ___HD C:\$WinREAgent
2022-06-16 16:24 - 2022-06-16 16:24 - 000000000 ____D C:\windows\system32\gf2engine
2022-06-16 12:54 - 2022-06-16 12:54 - 000000000 ____D C:\Users\hemmp\AppData\Local\AVG
2022-06-16 12:29 - 2022-06-16 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2022-06-16 12:29 - 2022-06-16 12:29 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2022-06-16 12:29 - 2015-12-18 12:00 - 000755200 _____ C:\windows\system32\xvidcore.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000674816 _____ C:\windows\SysWOW64\xvidcore.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000309248 _____ C:\windows\system32\xvidvfw.dll
2022-06-16 12:29 - 2015-12-18 12:00 - 000282112 _____ C:\windows\SysWOW64\xvidvfw.dll
2022-06-16 12:29 - 2015-10-24 19:00 - 000112128 _____ C:\windows\SysWOW64\ff_vfw.dll
2022-06-16 12:29 - 2015-02-28 18:22 - 003571200 _____ (x264vfw project) C:\windows\system32\x264vfw64.dll
2022-06-16 12:29 - 2015-02-28 18:21 - 003591680 _____ (x264vfw project) C:\windows\SysWOW64\x264vfw.dll
2022-06-16 12:29 - 2012-07-21 13:55 - 000180736 _____ (fccHandler) C:\windows\system32\ac3acm.acm
2022-06-16 12:29 - 2012-07-21 13:54 - 000122880 _____ (fccHandler) C:\windows\SysWOW64\ac3acm.acm
2022-06-16 12:29 - 2011-12-07 20:37 - 000148992 _____ ( ) C:\windows\system32\lagarith.dll
2022-06-16 12:29 - 2011-12-07 20:32 - 000216064 _____ ( ) C:\windows\SysWOW64\lagarith.dll
2022-06-16 12:25 - 2022-07-04 18:32 - 000000000 ____D C:\Users\hemmp\AppData\Local\CrashDumps
2022-06-16 12:24 - 2022-07-07 13:05 - 000003250 _____ C:\windows\system32\Tasks\Antivirus Emergency Update
2022-06-16 12:24 - 2022-07-07 13:05 - 000002772 _____ C:\windows\system32\Tasks\DivXUpdate
2022-06-16 12:24 - 2022-06-16 12:24 - 000382680 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsdriver.sys
2022-06-16 12:24 - 2022-06-16 12:24 - 000322064 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgVmm.sys
2022-06-16 12:24 - 2022-06-16 12:24 - 000002078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG AntiVirus FREE.lnk
2022-06-16 12:24 - 2022-06-16 12:24 - 000002066 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2022-06-16 12:24 - 2022-06-16 12:24 - 000000000 ____D C:\windows\system32\Tasks\AVG
2022-06-16 12:24 - 2022-06-16 12:24 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\AVG
2022-06-16 12:24 - 2022-06-16 12:23 - 000857600 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSnx.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000662288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSP.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000549112 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgNetHub.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000271744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000269168 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2022-06-16 12:24 - 2022-06-16 12:23 - 000255208 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsh.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000232800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArPot.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000218736 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000111192 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRdr2.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000102624 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbuniv.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000086256 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRvrt.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000045224 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgKbd.sys
2022-06-16 12:24 - 2022-06-16 12:23 - 000039064 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArDisk.sys
2022-06-16 12:23 - 2022-06-18 17:59 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\DivX
2022-06-16 12:23 - 2022-06-16 12:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2022-06-16 12:23 - 2022-06-16 12:23 - 000000000 ____D C:\Program Files\Common Files\AVG
2022-06-16 12:23 - 2022-06-16 12:23 - 000000000 ____D C:\Program Files\AVG
2022-06-16 12:22 - 2022-06-20 00:40 - 000000000 ____D C:\ProgramData\AVG
2022-06-16 12:22 - 2022-06-16 12:24 - 000000000 ____D C:\ProgramData\DivX
2022-06-16 12:22 - 2022-06-16 12:24 - 000000000 ____D C:\Program Files (x86)\DivX
2022-06-16 12:22 - 2022-06-16 12:22 - 004076208 _____ (DivX, LLC) C:\Users\hemmp\Downloads\DivXInstaller.exe
2022-06-14 01:24 - 2022-06-14 01:24 - 012951327 _____ C:\Users\hemmp\Downloads\freehra_playboy2003.rar
2022-06-11 22:43 - 2022-06-11 22:43 - 000587013 _____ C:\Users\hemmp\Downloads\eTicket_3906.pdf
2022-06-11 20:47 - 2022-06-11 21:23 - 665786243 _____ C:\Users\hemmp\Downloads\DNA Says Love You E12 END HARDSUB.mp4
2022-06-09 23:48 - 2022-06-10 00:24 - 663868237 _____ C:\Users\hemmp\Downloads\DNA Says Love You E11 HARDSUB (1).mp4
2022-06-09 23:07 - 2022-06-09 23:48 - 663868237 _____ C:\Users\hemmp\Downloads\DNA Says Love You E11 HARDSUB.mp4
2022-06-09 17:06 - 2022-06-09 17:42 - 664470213 _____ C:\Users\hemmp\Downloads\DNA Says Love You E10 HARDSUB.mp4
2022-06-09 16:28 - 2022-06-09 17:04 - 665413833 _____ C:\Users\hemmp\Downloads\DNA Says Love You E09 HARDSUB.mp4
2022-06-09 11:16 - 2022-06-09 11:52 - 663854816 _____ C:\Users\hemmp\Downloads\DNA Says Love You E08 HARDSUB.mp4
2022-06-09 09:22 - 2022-06-09 09:59 - 683085298 _____ C:\Users\hemmp\Downloads\DNA Says Love You E07 HARDSUB.mp4
2022-06-09 08:13 - 2022-06-09 08:50 - 683692646 _____ C:\Users\hemmp\Downloads\DNA Says Love You E06 HARDSUB.mp4
2022-06-08 19:14 - 2022-06-08 19:51 - 683493961 _____ C:\Users\hemmp\Downloads\DNA Says Love You E05 HARDSUB.mp4
2022-06-08 18:16 - 2022-06-08 18:54 - 683176152 _____ C:\Users\hemmp\Downloads\DNA Says Love You E04 HARDSUB.mp4
2022-06-08 16:15 - 2022-06-08 16:53 - 687820300 _____ C:\Users\hemmp\Downloads\DNA Says Love You E03 HARDSUB.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-07-08 15:04 - 2021-08-18 11:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-08 14:44 - 2021-08-09 22:40 - 000000000 ____D C:\Users\hemmp\AppData\Roaming\discord
2022-07-08 14:42 - 2021-08-09 22:40 - 000000000 ____D C:\Users\hemmp\AppData\Local\Discord
2022-07-08 14:35 - 2020-05-06 10:58 - 000000000 ____D C:\windows\system32\SleepStudy
2022-07-08 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-07 23:52 - 2019-12-07 11:14 - 000000000 ____D C:\windows\AppReadiness
2022-07-07 23:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-07 23:24 - 2020-12-02 03:39 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-07 23:24 - 2020-12-02 03:39 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-07 13:05 - 2021-12-11 19:20 - 000003058 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3792546399-3355871787-48867317-1001
2022-07-07 13:05 - 2021-08-18 11:57 - 000003402 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-07-07 13:05 - 2021-08-18 11:57 - 000003178 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-07-07 13:05 - 2021-08-02 19:58 - 000002854 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3792546399-3355871787-48867317-1001
2022-07-07 13:05 - 2021-05-14 10:46 - 000002850 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3792546399-3355871787-48867317-500
2022-07-07 13:05 - 2021-05-14 10:32 - 000002662 _____ C:\windows\system32\Tasks\McAfeeLogon
2022-07-07 13:05 - 2021-05-14 10:31 - 000002646 _____ C:\windows\system32\Tasks\McAfee Remediation (Prepare)
2022-07-07 13:05 - 2020-12-02 03:47 - 000002766 _____ C:\windows\system32\Tasks\HPAudioSwitch
2022-07-07 13:05 - 2020-12-02 03:38 - 000003568 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-07 13:05 - 2020-12-02 03:38 - 000003344 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-07 04:07 - 2021-08-06 19:08 - 000000000 ____D C:\Users\hemmp\Documents\The Witcher 3
2022-07-05 03:05 - 2021-08-18 11:58 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-05 03:05 - 2021-08-18 11:58 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-04 20:58 - 2020-12-02 12:19 - 000748614 _____ C:\windows\system32\perfh005.dat
2022-07-04 20:58 - 2020-12-02 12:19 - 000161152 _____ C:\windows\system32\perfc005.dat
2022-07-04 20:58 - 2020-05-06 11:03 - 001833340 _____ C:\windows\system32\PerfStringBackup.INI
2022-07-04 20:58 - 2019-12-07 11:13 - 000000000 ____D C:\windows\INF
2022-07-04 18:16 - 2020-12-02 03:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-07-02 11:43 - 2021-08-29 18:17 - 000021036 _____ C:\Users\hemmp\Documents\Nový textový dokument.txt
2022-07-01 13:12 - 2021-05-14 10:31 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-06-25 12:40 - 2021-05-14 10:22 - 000000000 ____D C:\ProgramData\Packages
2022-06-25 11:40 - 2021-08-02 19:58 - 000000000 ___RD C:\Users\hemmp\OneDrive
2022-06-25 11:40 - 2021-05-14 11:03 - 000002384 _____ C:\Users\hemmp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-23 13:42 - 2021-05-14 11:09 - 000000000 __SHD C:\Users\hemmp\IntelGraphicsProfiles
2022-06-20 00:40 - 2021-05-14 11:03 - 000000000 ____D C:\Users\hemmp
2022-06-20 00:40 - 2020-12-02 03:38 - 000000000 ____D C:\Intel
2022-06-20 00:40 - 2020-05-06 10:58 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-20 00:40 - 2020-05-06 10:58 - 000000006 ____H C:\windows\Tasks\SA.DAT
2022-06-20 00:40 - 2019-12-07 11:14 - 000000000 ____D C:\windows\ServiceState
2022-06-20 00:40 - 2019-12-07 11:03 - 000786432 _____ C:\windows\system32\config\BBI
2022-06-19 05:34 - 2019-12-07 11:03 - 000000000 ____D C:\windows\CbsTemp
2022-06-18 17:58 - 2020-05-06 10:58 - 000551128 _____ C:\windows\system32\FNTCACHE.DAT
2022-06-18 17:57 - 2021-05-14 20:15 - 000000000 ____D C:\windows\HoloShell
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\lv-LV
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\lt-LT
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\et-EE
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\es-MX
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SysWOW64\Dism
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\SystemResources
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\ShellExperiences
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\oobe
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\lv-LV
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\lt-LT
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\et-EE
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\es-MX
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\Dism
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\system32\DDFs
2022-06-18 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\windows\bcastdvr
2022-06-18 17:57 - 2019-12-07 11:03 - 000000000 ____D C:\windows\servicing
2022-06-17 05:21 - 2020-05-06 11:01 - 002877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2022-06-17 04:59 - 2021-08-06 15:12 - 000000000 ____D C:\windows\system32\MRT
2022-06-17 04:55 - 2021-08-06 15:12 - 145918784 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2022-06-16 12:24 - 2019-12-07 11:14 - 000000000 ___HD C:\windows\ELAMBKUP
2022-06-13 16:49 - 2019-12-07 11:03 - 000032768 _____ C:\windows\system32\config\ELAM
2022-06-09 07:09 - 2021-08-09 22:40 - 000002234 _____ C:\Users\hemmp\Desktop\Discord.lnk
2022-06-09 07:09 - 2021-08-02 20:16 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2022
Ran by hemmp (08-07-2022 15:06:37)
Running from C:\Users\hemmp\AppData\Local\Temp\nsy9616.tmp
Microsoft Windows 10 Home Version 21H2 19044.1766 (X64) (2021-05-14 09:00:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3792546399-3355871787-48867317-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3792546399-3355871787-48867317-503 - Limited - Disabled)
Guest (S-1-5-21-3792546399-3355871787-48867317-501 - Limited - Disabled)
hemmp (S-1-5-21-3792546399-3355871787-48867317-1001 - Administrator - Enabled) => C:\Users\hemmp
WDAGUtilityAccount (S-1-5-21-3792546399-3355871787-48867317-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
FW: McAfee Firewall (Disabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AVG AntiVirus FREE (HKLM\...\AVG Antivirus) (Version: 22.5.3235 - AVG Technologies)
Basemental Drugs (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\{AE33B5C0-AA1E-4984-BF9E-7434A5C8E7E5}}_is1) (Version: 7.13.142 - Basemental GameMods)
Basemental Gangs (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\{0CC0B732-CF1A-44E2-8590-07244DDBA53E}}_is1) (Version: 6.18.55 - Basemental GameMods)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.76.1091 - AB Team, d.o.o.)
Discord (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\Discord) (Version: 0.0.310 - Discord Inc.)
DivX Setup (HKLM\...\DivX Setup) (Version: 10.8.9.0 - DivX, LLC)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
I-Doser 4.50 (HKLM-x32\...\I-Doser 4.50) (Version: - )
K-Lite Mega Codec Pack 11.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2022.2.25.13 - PandoraTV)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R37 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.44 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\OneDriveSetup.exe) (Version: 22.121.0605.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.27.29016 (HKLM-x32\...\{1aaa01ad-3069-4288-9c6f-37a140a8f6c7}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.27.29016 (HKLM\...\{F07B1E25-5670-4556-9C7F-5A1966C83269}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.27.29016 (HKLM\...\{E493B8F4-E300-43EC-95D0-BDF3711297EA}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.27.29016 (HKLM-x32\...\{5CD4E357-9ED6-42AC-B654-F1FC21DD60C9}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.27.29016 (HKLM-x32\...\{E2C131AD-D30F-4D67-ACE9-B3D485E84DA8}) (Version: 14.27.29016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15330.20196 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13127.20616 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-3792546399-3355871787-48867317-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
The Sims 3 Ultimate Collection verze 1.67.2 (HKLM-x32\...\The Sims 3 Ultimate Collection_is1) (Version: 1.67.2 - EA Games)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version: - )
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.726 - McAfee, LLC)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2022-01-30] (Amazon.com)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.51091.0_x64__8wekyb3d8bbwe [2022-05-17] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-01-30] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.8.0_x64__xbfy0k16fey96 [2022-03-23] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.15.226.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.8.1.0_x64__v10z8vjag6ke6 [2022-03-10] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-01-30] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.10203.0_x64__v10z8vjag6ke6 [2022-06-04] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-04-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.18.43.0_x64__v10z8vjag6ke6 [2022-07-01] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6 [2022-01-23] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-04] (INTEL CORP)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2022-01-30] (McAfee LLC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-07] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10620.425.0_x64__8wekyb3d8bbwe [2022-07-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-06-17] (0)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_6.52219.341.0_x64__v10z8vjag6ke6 [2022-06-17] (HP Inc.) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-04-20] (INTEL CORP) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-01-30] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-06-25] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-10-21] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [DivXShellExtensionItem] -> {48A8A3B0-57E8-4F2B-A49D-19E02B92377B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [DivXShellExtensionItem64] -> {6B49A276-0DBA-43F4-BC96-A841AD11B40B} => C:\Program Files (x86)\Common Files\DivX Shared\DivXShellExtension64.dll [2018-10-09] (DivX, LLC -> DivX, LLC)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_b840211aa1b1b9ff\OptaneShellExt.dll [2020-10-21] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2022-06-16] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\windows\system32\x264vfw64.dll [3571200 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\windows\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3591680 2015-02-28] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Trials.lnk -> C:\Program Files (x86)\Online Services\Adobe\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?type=103&RedeemCode=XWG8TK9Ra8EZ3XZx%2bwmd30DKk67n3jpft%2fpCWyY56PBmMS3gJE1mlN4wWb9WB1ycC0%2bBYHGPxF3k2WyW3dO7zbPNLRT663cWZantFwavwlNa6g52OSApBIAHZeCF%2bK2Xtmiyaa20Q8EklEVoMy1DwyOiXO%2f6pPYL%2fymzL6DCzcE%3d
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utomik - Play over 1000 games.lnk -> C:\Program Files (x86)\Online Services\Utomik\WizLink.exe () -> hxxps://www.utomik.com/hp_desktop
==================== Loaded Modules (Whitelisted) =============
2020-12-02 03:42 - 2020-12-02 03:42 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\e_sqlite3.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\4a3769626565d5b38994a350ecd077f7\Interop.IWshRuntimeLibrary.ni.dll
2022-06-21 16:49 - 2022-06-21 16:49 - 000134656 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\e8c0202b75b88f80a49b29ee7dd59c05\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-05-14 10:29 - 2021-05-14 10:29 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2022-04-20 15:19 - 2022-04-20 15:19 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\0346d007fe845aca86073384bc6faa0d\NAudio.ni.dll
2021-11-14 21:09 - 2021-11-14 21:09 - 016742912 _____ (McAfee LLC) [File not signed] C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.dll
2022-06-21 16:50 - 2022-06-21 16:50 - 003060736 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ffa925098478e9512799d9bdb2fcb126\Newtonsoft.Json.ni.dll
2022-06-21 16:49 - 2022-06-21 16:49 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\5ce59cbc54a4f8e4c7cca616c9ee2d63\log4net.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKLM -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3792546399-3355871787-48867317-1001 -> {436D9B53-4B31-4945-ACF7-1A4B569C7902} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-06-17] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-05-31] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-06-17] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-05-31] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-07-04] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2021-08-22] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2021-09-22 12:53 - 000002192 _____ C:\windows\system32\drivers\etc\hosts
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3792546399-3355871787-48867317-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hemmp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F45DC0AC-E979-44BB-B9F9-BBAE2B56CDC3}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{24B82088-66C6-4575-BD15-519ECE877125}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{173FB6C9-9CC0-4640-A52A-3943CE0AC795}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [TCP Query User{A0237CA3-05C3-4EA6-9EB2-A11A7F55BD87}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{ABC4854C-34D2-4C46-B197-A6345D90E1DD}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{39E56E28-50F3-44FC-9D34-34DBBC47BFDF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{08A41440-A3B2-483A-94F9-DF071DF46122}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{8C4338E4-F894-4D76-864B-808F344336F8}] => (Block) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{A161B331-E713-4B56-85D4-B3A9DCA3060D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{01188F80-5EBA-40F7-874E-2649A781AAB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E275531-643E-4526-B971-181491D90E63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5ABE7A44-38EF-4D1D-A5F7-B112388DF916}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36FA3FF1-6B8A-4236-A264-E1E90557DCC9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B1578B02-C193-4D94-B27F-543D965CCD2A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88C3641F-E360-4787-910B-C3AAFB7DA987}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{66A804B4-658F-4579-AD93-65D332D62F87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3F555B30-4F54-456F-B272-E0FB0A24CC04}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79387ED4-6D1E-44A8-AE6F-DACB31205611}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{483FAE29-75BE-4B94-ACF8-A56DE8E7D6D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DDC012D-5EC3-4208-A082-D3A191459DBC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{74054E4C-B0C3-49F7-A03B-45D3E4738074}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF8648A7-E8AA-471F-8342-705272AE474E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
05-07-2022 19:32:31 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/04/2022 06:32:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GalaxyOverlay.exe, verze: 2.0.8.28, časové razítko: 0x62665951
Název chybujícího modulu: VCRUNTIME140.dll, verze: 14.29.30135.0, časové razítko: 0x612d902b
Kód výjimky: 0xc0000005
Posun chyby: 0x000032ae
ID chybujícího procesu: 0x7cb0
Čas spuštění chybující aplikace: 0x01d88fc3a2002831
Cesta k chybující aplikaci: C:\ProgramData\GOG.com\Galaxy\redists\overlay\GalaxyOverlay.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\VCRUNTIME140.dll
ID zprávy: 1d1bb7f0-2713-4419-854b-64954e13e6c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/01/2022 03:12:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AppHelperCap.exe, verze: 1.44.3002.0, časové razítko: 0x628e7924
Název chybujícího modulu: AppHelperCap.exe, verze: 1.44.3002.0, časové razítko: 0x628e7924
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001c6c8
ID chybujícího procesu: 0x3f30
Čas spuštění chybující aplikace: 0x01d88d3b96634aed
Cesta k chybující aplikaci: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
Cesta k chybujícímu modulu: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
ID zprávy: 0f9f28e6-00c2-4d52-8977-1ab81d577118
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/17/2022 05:55:18 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HPBackgroundProcess.exe verze 1.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 3260
Čas spuštění: 01d87f34c8f6edc4
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
ID hlášení: 4fff67cd-bd45-4e07-b1a3-8eb7d9bb5c7e
Úplný název balíčku s chybou: AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (06/16/2022 12:29:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x2948
Čas spuštění chybující aplikace: 0x01d8816bfd8be406
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19096.3525\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: 46010ea1-0f94-4917-a271-043e04708ebe
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:26:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x49f8
Čas spuštění chybující aplikace: 0x01d8816b78afba69
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19096.29996\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: 2c1c6c9e-ed58-49a1-bfb7-0734285678d5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:25:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x4b00
Čas spuštění chybující aplikace: 0x01d8816b5f74d9e9
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19072.27091\Playboy 2003\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: e9a16146-e430-4859-8e62-307dc343274e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/16/2022 12:20:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x3844
Čas spuštění chybující aplikace: 0x01d8816aa38f0bb8
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa19072.45030\Playboy 2003\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: bc6cf3ca-6e5a-4323-a0fc-9f333890300a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/14/2022 01:28:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Playboy2003.exe, verze: 0.0.0.0, časové razítko: 0x2a425e19
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1706, časové razítko: 0x40a40d01
Kód výjimky: 0x0eedfade
Posun chyby: 0x0012c3a2
ID chybujícího procesu: 0x3ae0
Čas spuštění chybující aplikace: 0x01d87f7d483db9a7
Cesta k chybující aplikaci: C:\Users\hemmp\AppData\Local\Temp\Rar$EXa11356.5651\Playboy2003.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: fdc74b38-4420-4668-80a3-46076fbc7774
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (07/06/2022 10:59:23 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-J664RDVR)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/06/2022 10:57:23 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-J664RDVR)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/04/2022 06:13:41 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (07/04/2022 02:23:44 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (e4:19:c1:f9:86:1b) se nezdařilo.
Error: (07/04/2022 02:20:09 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (e4:19:c1:f9:86:1b) se nezdařilo.
Error: (07/01/2022 03:12:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP App Helper HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/18/2022 05:58:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba AppXSvc závisí na službě StateRepository, která neuspěla při spuštění v důsledku následující chyby:
Operace byla dokončena úspěšně.
Error: (06/18/2022 05:57:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Audiosrv neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.
Windows Defender:
================
Date: 2022-06-14 00:48:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hemmp\Downloads\Playboy2003.exe; webfile:_C:\Users\hemmp\Downloads\Playboy2003.exe|https://dl.slunecnice.cz/lista/win/p/Pl ... 0005545216
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-J664RDVR\hemmp
Název procesu: C:\Program Files\Google\Chrome\Application\chrome.exe
Verze bezpečnostních informací: AV: 1.367.1486.0, AS: 1.367.1486.0, NIS: 1.367.1486.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Date: 2022-06-14 00:46:48
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\hemmp\Downloads\Playboy2003.exe; webfile:_C:\Users\hemmp\Downloads\Playboy2003.exe|https://dl.slunecnice.cz/lista/win/p/Pl ... 0005545216
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: LAPTOP-J664RDVR\hemmp
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.367.1486.0, AS: 1.367.1486.0, NIS: 1.367.1486.0
Verze modulu: AM: 1.1.19200.6, NIS: 1.1.19200.6
Date: 2022-06-11 21:30:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6992B980-8CE1-4521-A9D4-D4972E59DC6F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-06-08 16:25:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F9F4F6E7-8A82-4021-AB7A-BAB2569D730F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-06-07 14:32:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {8847A2FB-339C-4936-BFAF-BF606A724721}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===============
Date: 2022-07-08 15:06:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-07-08 15:06:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.25 03/09/2022
Motherboard: HP 86C9
Processor: Intel(R) Core(TM) i5-1035G1 CPU @ 1.00GHz
Percentage of memory in use: 88%
Total physical RAM: 7880.73 MB
Available physical RAM: 937.99 MB
Total Virtual: 21148.64 MB
Available Virtual: 5635.7 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:9.5 GB) (Model: INTEL SSDPEKNW512G8H) NTFS
\\?\Volume{22a01628-5552-4fed-9d1e-13fa4b38ba4b}\ (Windows RE tools) (Fixed) (Total:0.53 GB) (Free:0.06 GB) NTFS
\\?\Volume{f4a1a17b-8888-4179-a21e-cfaa9518f537}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 67B16628)
Partition: GPT.
==================== End of Addition.txt =======================