Please check my laptop

Swifty14
Visitor
Posts: 3
Registered: 13 Nov 2022 19:08

#1 Post by Swifty14 »

Good evening, I would like to ask you to check my laptop.
I am attaching the log from FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2022
Ran by PC (administrator) on DESKTOP-5KFCUQI (HP OMEN by HP Laptop 15-dc0xxx) (13-11-2022 19:11:32)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Platform: Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\LGHUB\lghub.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(Discord Inc. -> Discord Inc.) C:\Users\PC\AppData\Local\Discord\app-1.0.9007\Discord.exe <6>
(DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxEM.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Glorious Model D Software\OemDrv.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <77>
(explorer.exe ->) (Charles Milette) C:\Program Files\WindowsApps\28017CharlesMilette.TranslucentTB_2021.5.0.0_x64__v826wp6bftszj\TranslucentTB.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(explorer.exe ->) (ResolveDevOps Limited -> ResolveDevOps Limited) C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe
(explorer.exe ->) (Sam G) C:\Program Files\WindowsApps\32669SamG.ModernFlyouts_0.9.3.0_x64__pcy8vm99wrpcg\ModernFlyoutsHost.exe
(explorer.exe ->) (Softdeluxe) [File not signed] D:\Nový priečinok\fdm.exe
(explorer.exe ->) (Spotify AB -> Spotify Ltd) C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(services.exe ->) (Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(services.exe ->) (DTS, Inc. -> ) C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3e1a713e1f6bc37c\x64\OmenCap\OmenCap.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dc_comp.inf_amd64_1c77f1231c19bc72\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_04dfefe2ba7fe997\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dc_base.inf_amd64_04dfefe2ba7fe997\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_7.70.13002.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Limited -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.14.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [878368 2019-05-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212184 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3071192 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5204968 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Steam] => c:\program files (x86)\steam\steam.exe [4234088 2022-10-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Discord] => C:\Users\PC\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\PC\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-03-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [SteamServerBrowser] => C:\Users\PC\AppData\Roaming\SteamServerBrowser\SteamServerBrowser.exe [289304 2021-04-27] (Lyrha Software Technologies Inc. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19903800 2021-07-27] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Medal] => C:\Users\PC\AppData\Local\Medal\update.exe [1901144 2022-03-25] (Ferox Games B.V. -> )
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [152025856 2022-10-28] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Free Download Manager] => D:\Nový priečinok\fdm.exe [5654016 2022-08-18] (Softdeluxe) [File not signed]
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Spotify] => C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe [20232568 2022-11-12] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\107.0.5304.107\Installer\chrmstp.exe [2022-11-11] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\107.1.45.123\Installer\chrmstp.exe [2022-11-11] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2021-09-29]
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ThrottleStop – odkaz.lnk [2021-03-24]
ShortcutTarget: ThrottleStop – odkaz.lnk -> C:\ThrottleStop_9.3\ThrottleStop.exe (TechPowerUp LLC -> uWebb Software)
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0852C903-B1E7-44A9-BD41-8A48A0255961} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1ED9A6F7-B527-4137-B067-2F27F2F69E22} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {2E8AD2B9-DB5A-455C-9618-54EC8FFA6A07} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646344 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {3B919DCB-C795-422C-AF63-3BEFEDCB2C88} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4936920 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
Task: {46C4F992-DD40-456B-9E11-5C41E32C7E25} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {56A27047-4681-47CD-9BC3-486007410385} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {5865F3B5-9FDA-4F9C-A860-6D21ED851ED4} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{EDD0C207-1C45-448F-8A0F-4E4ECB69DD7B} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {629EA3CF-1711-4C38-9712-4C730A7E4C83} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3978504 2021-07-29] (Easeware Technology Limited -> Easeware)
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {6929F85E-B085-44A8-A40D-940A4B5ECF98} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{EA44E20C-BCDE-4902-AD25-405816F84DE1} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {6A43A4D8-8C5C-460C-9774-E7BCC5149B2A} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {81269C2F-A2B1-4E1A-8273-C772ACB1887F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {8D7D18C0-8D99-45EE-9653-7154ABB53DF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {9659A028-5AD1-4939-A931-ADD2067CC32F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {9D4C2D71-F72C-4967-98E5-2FE34B418E60} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6093928 2021-12-20] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {A1898B5B-DB2C-412C-8C43-DB21C68A805F} - System32\Tasks\LightStudioHelper => C:\Program Files\HP\LightStudioHelper\LightStudioHelper.exe [26248 2021-03-27] (HP Inc. -> HP Inc.)
Task: {A1EC9422-EAF5-49FE-9A34-0C94E64D1040} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\parkcontrol.exe [542976 2021-11-21] (Bitsum Technologies (Bitsum LLC) -> Bitsum LLC)
Task: {ABCE889C-5E1C-473D-8648-AF2F55E201C6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {B219C4D4-CEE2-439B-B211-99682FD7F244} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater – Install HPSA => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [930960 2022-05-11] (HP Inc. -> HP Inc.)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {C9C67DB9-BD0E-41C8-948F-A7AB9D63BF5C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5629064 2021-11-23] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {D3C5A8E5-DAFA-4006-81F7-6A0414038198} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "dd8a3f9a-bc4d-4b4a-8d8f-5e1ad638d84b" --version "6.05.10110" --silent
Task: {D9371033-FF28-44E6-A4FF-AF75502BF6AD} - System32\Tasks\CCleanerSkipUAC - PC => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DA4CA902-16A7-42AE-BFA9-C2C0029A90E0} - System32\Tasks\ThrottleStop => C:\ThrottleStop_9.3\ThrottleStop.exe [3903904 2021-03-24] (TechPowerUp LLC -> uWebb Software)
Task: {E102283B-72E0-4EE2-B9CF-B52D6F0245DC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3074176 2021-04-15] (Intel(R) System Usage Report -> Intel Corporation)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {F2A9DFA4-243C-4653-8FB8-8EA6B36CE88E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [5363552 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
Task: {F4B2E43C-8975-483D-BB3F-140C24A2DE8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FA71D4FB-0CF5-4007-8828-DFA3FC543F17} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1654272 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {FC35017C-536F-497A-BEB5-5E87FBCA57FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-01] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {FDC44496-80F0-4888-83FD-5513FF95188F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906752 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{2264d6bb-b2cd-4762-a0ff-1ee88b5dc1fa}: [DhcpNameServer] 217.23.254.124 217.23.254.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-13]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-12-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-12-04] (Oracle America, Inc. -> Oracle Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2022-11-13]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Session Restore: Default -> is enabled.
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-09-01]
CHR Extension: (Flash Player +) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnipglnbhfacfmefbgiiodalehbcgcbm [2022-03-09]
CHR Extension: (Return YouTube Dislike) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbhagfogifgggkldgodflihgfeippi [2022-09-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-27]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-08]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-11-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-11-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-08]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-11-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-11-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-11-13]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

Brave:
=======
BRA Profile: C:\Users\PC\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-11-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8539152 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592600 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-18] (BattlEye Innovations e.K. -> )
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2022-11-11] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 dcsvc; C:\Windows\system32\dcsvc.dll [785408 2022-11-09] (Microsoft Windows -> Microsoft Corporation)
R2 DTSAPO3Service; C:\Windows\System32\DTS\PC\APO3x\DTSAPO3Service.exe [207472 2019-05-23] (DTS, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2022-06-25] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [584680 2022-08-01] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 FACEITService; D:\FACEIT AC\faceitservice.exe [26209168 2022-08-29] (FACE IT LIMITED -> )
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\AppHelperCap.exe [786888 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\DiagsCap.exe [785896 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\NetworkCap.exe [782296 2022-09-28] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_3e1a713e1f6bc37c\x64\OmenCap\OmenCap.exe [775168 2022-09-02] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-11-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f0454c515430e99a\x64\SysInfoCap.exe [786392 2022-09-28] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_970b3aa928c32e35\x64\TouchpointAnalyticsClientService.exe [493680 2022-09-28] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10097408 2022-10-28] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-13] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [860640 2022-11-11] (McAfee, LLC -> McAfee, LLC)
S3 Rockstar Service; D:\GTAV\RockstarService.exe [2718048 2022-09-28] (Rockstar Games, Inc. -> Rockstar Games)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2782080 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4605312 2021-11-16] (Safer-Networking Limited -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10450928 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\107.1.45.123\elevation_service.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7ad51eaed51fa716\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 OverwolfUpdater; "D:\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [42304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238152 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [390096 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [306128 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [105936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [48512 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276520 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [564304 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [114464 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [90008 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [862936 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [672272 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221944 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327896 2022-11-01] (Avast Software s.r.o. -> AVAST Software)
S3 atvi-brynhildr; C:\ProgramData\Battle.net_components\brynhildr_odin\brynhildr.sys [2355952 2021-12-16] (Activision Publishing Inc -> Activision Blizzard, Inc.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [16576040 2022-08-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [33464 2018-12-19] (HP Inc. -> HP Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-09-24] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-09-24] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193992 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-11-13] (Malwarebytes Inc. -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [8746536 2022-08-17] (Riot Games, Inc. -> Riot Games, Inc.)
R3 ViGEmBus; C:\Windows\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
R3 VOICEMOD_Driver; C:\Windows\system32\drivers\vmdrv.sys [48136 2021-05-13] (Voicemod Sociedad Limitada -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-13 19:11 - 2022-11-13 19:12 - 000038360 _____ C:\Users\PC\Desktop\FRST.txt
2022-11-13 19:04 - 2022-11-13 19:11 - 000000000 ____D C:\FRST
2022-11-13 19:04 - 2022-11-13 19:04 - 002375168 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2022-11-13 18:47 - 2022-11-13 18:47 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000193992 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-11-13 18:47 - 2022-11-13 18:47 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-11-13 18:47 - 2022-11-13 18:47 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-11-13 18:47 - 2022-11-13 18:47 - 000000000 ____D C:\Users\PC\AppData\Local\mbam
2022-11-13 18:47 - 2022-11-13 18:46 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-11-13 18:46 - 2022-11-13 18:46 - 002632256 _____ (Malwarebytes) C:\Users\PC\Downloads\MBSetup-1A79B652-37335.37335.exe
2022-11-13 18:46 - 2022-11-13 18:46 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-11-13 18:46 - 2022-11-13 18:46 - 000000000 ____D C:\Program Files\Malwarebytes
2022-11-13 15:21 - 2022-11-13 17:59 - 000000000 ____D C:\Users\PC\Desktop\Scammer
2022-11-13 15:18 - 2022-11-13 15:18 - 000057354 _____ C:\Users\PC\Downloads\SpotX-Win-main.zip
2022-11-12 20:16 - 2022-11-12 20:16 - 006009856 _____ C:\Users\PC\Downloads\154LSK_pred_4_2008.ppt
2022-11-12 20:16 - 2022-11-12 20:16 - 000855250 _____ C:\Users\PC\Downloads\INF14.pptx
2022-11-11 21:18 - 2022-11-11 21:18 - 000000000 ____D C:\Windows\system32\Tasks\Safer-Networking
2022-11-11 20:43 - 2022-11-11 21:16 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2022-11-11 20:43 - 2022-11-11 20:43 - 000001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2022-11-11 20:43 - 2022-11-11 20:43 - 000001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2022-11-11 20:43 - 2022-11-11 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2022-11-11 20:43 - 2019-06-21 07:34 - 000019904 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Spybot3ELAM.sys
2022-11-11 20:43 - 2018-02-06 18:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2022-11-11 20:42 - 2022-11-13 18:21 - 000003484 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA{EA44E20C-BCDE-4902-AD25-405816F84DE1}
2022-11-11 20:42 - 2022-11-13 18:21 - 000003260 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore{EDD0C207-1C45-448F-8A0F-4E4ECB69DD7B}
2022-11-11 20:42 - 2022-11-13 14:53 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2022-11-11 20:42 - 2022-11-11 20:42 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Users\PC\AppData\Local\BraveSoftware
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Program Files\BraveSoftware
2022-11-11 20:42 - 2022-11-11 20:42 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-11-11 20:41 - 2022-11-11 20:41 - 065427184 _____ (Safer-Networking Ltd. ) C:\Users\PC\Downloads\spybotsd-2.9.82.0.exe
2022-11-11 06:59 - 2022-11-13 18:35 - 000000000 ____D C:\Users\PC\AppData\Roaming\Spotify
2022-11-11 06:59 - 2022-11-13 15:21 - 000000000 ____D C:\Users\PC\AppData\Local\Spotify
2022-11-11 06:59 - 2022-11-11 06:59 - 000923096 _____ (Spotify Ltd) C:\Users\PC\Downloads\SpotifySetup (1).exe
2022-11-11 06:59 - 2022-11-11 06:59 - 000001835 _____ C:\Users\PC\Desktop\Spotify.lnk
2022-11-11 06:59 - 2022-11-11 06:59 - 000001821 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2022-11-10 19:33 - 2022-11-10 19:33 - 000000000 ___HD C:\$WinREAgent
2022-11-09 20:42 - 2022-11-09 20:42 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-09 20:42 - 2022-11-09 20:42 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-09 20:42 - 2022-11-09 20:42 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-09 20:41 - 2022-11-09 20:41 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-09 20:40 - 2022-11-09 20:40 - 001554510 _____ C:\Users\PC\Downloads\Wurst-Client-v7.30-MC1.19.2.jar
2022-11-08 18:11 - 2022-11-08 18:11 - 000000000 ____D C:\Users\PC\AppData\Roaming\Python
2022-11-08 16:37 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Fusion360
2022-11-08 16:37 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\CadSoft
2022-11-08 16:33 - 2022-11-08 16:37 - 000000000 ____D C:\Users\PC\AppData\Roaming\Autodesk
2022-11-08 16:33 - 2022-11-08 16:33 - 000002665 _____ C:\Users\PC\Desktop\Autodesk Fusion 360.lnk
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\Users\PC\Documents\Fusion 360
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2022-11-08 16:33 - 2022-11-08 16:33 - 000000000 ____D C:\ProgramData\Autodesk
2022-11-08 16:28 - 2022-11-08 18:43 - 000000000 ____D C:\Users\PC\AppData\Local\Autodesk
2022-11-07 20:23 - 2022-11-13 18:21 - 000002878 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-07 20:23 - 2022-11-13 18:21 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-07 19:47 - 2022-11-07 20:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\vscode-java-installer
2022-11-07 19:44 - 2022-11-07 21:55 - 000000000 ____D C:\Users\PC\AppData\Roaming\Code
2022-11-07 19:44 - 2022-11-07 19:44 - 000000000 ____D C:\Users\PC\.vscode
2022-11-07 19:42 - 2022-11-07 19:58 - 000000836 _____ C:\Users\PC\Desktop\Visual Studio Code.lnk
2022-11-07 19:42 - 2022-11-07 19:42 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2022-11-07 19:40 - 2022-11-07 19:40 - 000923096 _____ (Spotify Ltd) C:\Users\PC\Downloads\SpotifySetup.exe
2022-11-07 19:34 - 2022-11-07 19:34 - 000000000 ____D C:\Users\PC\.m2
2022-11-07 19:31 - 2022-11-07 19:31 - 000000000 ____D C:\Users\PC\Documents\NetBeansProjects
2022-11-07 19:30 - 2022-11-07 19:30 - 000000000 ____D C:\Users\PC\AppData\Roaming\NetBeans
2022-11-07 19:30 - 2022-11-07 19:30 - 000000000 ____D C:\Users\PC\AppData\Local\NetBeans
2022-11-07 19:27 - 2022-11-07 19:44 - 000000000 ____D C:\Users\PC\.nbi
2022-11-01 22:13 - 2022-11-01 22:13 - 000270552 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-11-01 22:13 - 2022-11-01 22:13 - 000221944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-10-29 19:09 - 2022-10-29 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-10-29 19:09 - 2022-10-29 19:09 - 000000000 ____D C:\Program Files\LGHUB
2022-10-22 20:26 - 2014-01-12 12:31 - 000000000 ____D C:\Users\PC\Downloads\THE ORPHANAGE v2
2022-10-22 20:23 - 2022-10-22 20:23 - 020373315 _____ C:\Users\PC\Downloads\The Orphanage Horror 1.7.2 REMO v2.rar
2022-10-22 20:15 - 2022-10-22 20:15 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-10-22 20:15 - 2022-10-22 20:15 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-10-17 19:35 - 2022-10-17 19:35 - 018298490 _____ C:\Users\PC\Downloads\§bBedlessFault§r - tokyo edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 017981709 _____ C:\Users\PC\Downloads\§bBedlessFault§r - BuddhaTortoise edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 017015992 _____ C:\Users\PC\Downloads\§bBedlessFault§r - Pvrpleflare edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 016998279 _____ C:\Users\PC\Downloads\§bBedlessFault§r - daDurian edit.zip
2022-10-17 19:35 - 2022-10-17 19:35 - 016149791 _____ C:\Users\PC\Downloads\§bBedlessFault§r - SidNotAvenged edit.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-13 18:53 - 2022-08-05 14:19 - 000000000 ____D C:\Users\PC\Downloads\modest-menu_v0.9.4
2022-11-13 18:51 - 2021-03-27 21:25 - 000000000 ____D C:\Users\PC\AppData\Roaming\discord
2022-11-13 18:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-11-13 18:39 - 2021-03-27 21:25 - 000000000 ____D C:\Users\PC\AppData\Local\Discord
2022-11-13 18:26 - 2020-11-18 23:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-13 18:25 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-13 18:21 - 2021-09-06 09:38 - 000002248 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - PC
2022-11-13 18:21 - 2021-04-06 09:42 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:42 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-04-06 09:41 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-11-13 18:21 - 2021-03-27 17:21 - 000002988 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-11-13 18:21 - 2021-03-27 17:01 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-11-13 18:21 - 2021-03-27 16:56 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-11-13 18:21 - 2021-03-27 16:56 - 000003162 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-11-13 18:21 - 2020-11-19 00:31 - 000003560 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-13 18:21 - 2020-11-19 00:31 - 000003336 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-13 18:15 - 2021-03-27 16:56 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-13 16:44 - 2021-09-28 18:43 - 000000000 ____D C:\Users\PC\Desktop\ŠKOLA
2022-11-13 15:32 - 2021-12-16 08:33 - 000051774 _____ C:\Windows\system32\perfh01B.dat
2022-11-13 15:32 - 2021-12-16 08:33 - 000012864 _____ C:\Windows\system32\perfc01B.dat
2022-11-13 15:32 - 2021-03-24 20:12 - 000885192 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-13 15:32 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-13 14:56 - 2021-03-27 17:21 - 000000000 ____D C:\Program Files\CCleaner
2022-11-13 14:56 - 2021-03-24 20:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-11-13 14:55 - 2021-06-29 09:31 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2022-11-13 14:53 - 2022-08-23 13:31 - 000000000 ____D C:\Users\PC\AppData\Roaming\LGHUB
2022-11-13 14:53 - 2022-08-23 13:30 - 000000000 ____D C:\Users\PC\AppData\Local\LGHUB
2022-11-13 14:53 - 2021-03-24 20:12 - 000000000 __SHD C:\Users\PC\IntelGraphicsProfiles
2022-11-13 14:53 - 2021-03-24 19:44 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-13 14:53 - 2020-11-19 00:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-13 14:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-11-12 20:16 - 2020-11-19 00:31 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-12 20:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-12 20:16 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-11 22:59 - 2021-03-27 18:00 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2022-11-11 21:20 - 2021-03-27 16:58 - 000000000 ____D C:\ProgramData\Avast Software
2022-11-11 21:19 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-11-11 20:49 - 2021-06-29 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
2022-11-11 07:03 - 2020-11-18 23:28 - 000303608 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-11 07:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-11 06:53 - 2021-03-27 16:56 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-10 21:46 - 2021-03-27 19:00 - 000000000 ____D C:\Users\PC\AppData\Roaming\.minecraft
2022-11-09 20:45 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-09 20:41 - 2020-11-19 00:31 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 20:30 - 2021-03-24 20:08 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 20:29 - 2021-03-24 20:08 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-11-08 16:59 - 2021-03-24 20:40 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2022-11-07 21:50 - 2021-03-27 17:11 - 000000000 ____D C:\Program Files (x86)\Steam
2022-11-07 21:34 - 2021-03-24 20:08 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2022-11-07 21:34 - 2021-03-24 19:47 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2022-11-07 21:34 - 2020-11-19 00:33 - 000000000 ____D C:\ProgramData\Packages
2022-11-07 20:28 - 2021-11-11 13:48 - 000000000 ____D C:\Users\PC\Desktop\GAMES
2022-11-07 19:49 - 2021-08-30 08:42 - 000000000 ____D C:\Users\PC\.cache
2022-11-07 19:44 - 2021-03-24 19:47 - 000000000 ____D C:\Users\PC
2022-11-05 18:53 - 2021-03-27 17:05 - 000000000 ____D C:\Users\PC\AppData\Roaming\lunarclient
2022-11-01 22:13 - 2021-03-27 17:01 - 000862936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000672272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000564304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000390096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000327896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000306128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000276520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000238152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000114464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000105936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000090008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000048512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000042304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-11-01 22:13 - 2021-03-27 17:01 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-10-30 21:23 - 2021-11-02 12:45 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-10-28 14:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-10-28 14:02 - 2021-03-28 11:16 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-28 11:33 - 2021-03-27 18:46 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-10-23 17:28 - 2021-04-28 10:39 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2022-10-22 20:15 - 2021-11-20 17:45 - 000153048 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 002815456 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000452048 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000243168 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000198096 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll
2022-10-22 20:15 - 2021-11-02 18:15 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll

==================== Files in the root of some directories ========

2021-03-28 19:04 - 2021-03-28 19:04 - 000000068 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidian.data
2021-09-06 09:26 - 2021-09-06 09:26 - 000000128 _____ () C:\Users\PC\AppData\Roaming\changzhi_leidianmac.data
2022-03-25 19:08 - 2022-03-25 19:08 - 001322873 _____ () C:\Users\PC\AppData\Roaming\VideoPad.dmp
2022-05-28 20:26 - 2022-05-28 20:26 - 000000866 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2021-09-05 17:51 - 2021-09-05 17:51 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Addition.rar
(25.66 KiB) Downloaded 24 times

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my notebook

#2 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk:880C9F1679 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4282]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6810]
FirewallRules: [TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [{1509021e-952a-4222-925b-e9ef2e35da46}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{1E0EE64E-909A-4681-A680-85CF328345BC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [{141FBB48-833F-4E9F-ACBB-61098233CEA2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0670FED8-3489-4009-9FBA-754A472D995F}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{47E21C8A-C5E3-47EB-88DD-256BA2274690}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{DA6F9692-0866-461F-8A86-2FDA9898CEC9}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [{07233AD6-369E-4935-B5D4-8984A7731E2F}] => (Allow) D:\DAVINČI\ElementsPanelDaemon.exe => No File

EmptyTemp:
End

Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Swifty14
Visitor
Visitor
Posts: 3
Registered: 13 Nov 2022 19:08

Re: Please check my notebook

#3 Post by Swifty14 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2022
Ran by PC (13-11-2022 20:45:42) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [ProductAuthenticationService] => C:\Users\PC\AppData\Roaming\ProductAuthenticationService\pas.exe [1004072 2021-03-29] (ResolveDevOps Limited -> ResolveDevOps Limited) <==== ATTENTION
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Salad] => "C:\Program Files\Salad\Salad.exe" (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [Overwolf] => D:\Overwolf\OverwolfLauncher.exe -overwolfsilent (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\Run: [electron.app.SquadOV] => C:\Users\PC\AppData\Local\Programs\squadov_client_ui\SquadOV.exe --hidden (No File)
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e01f76-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\...\MountPoints2: {71e021d4-1491-11ec-89ae-983b8f6c6479} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: Rainmeter.lnk -> D:\Rainmeter.exe (No File)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56} - System32\Tasks\Overwolf Updater Task => D:\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {72D074A7-B24D-4DAF-B269-D4229B1C5DBB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
Task: {B976CEBE-9B60-446B-904B-CB73B45BBD4F} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI (No File)
Task: {E42C9CB3-175F-4DBE-AD37-0127D2126399} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E6A72E18-A14E-4A18-B8B3-F949E92DCDB4} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {C88A1DD2-C01B-4E15-BD06-5D37EBAEC240} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-03-27] (Google LLC -> Google LLC)
S3 ThrottleStop; \??\C:\Users\PC\AppData\Local\Temp\ThrottleStop.sys [X] <==== ATTENTION
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Windows\tracing:? [16]
AlternateDataStreams: C:\ProgramData\mntemp:8EAD8B3507 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk:550995E265 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk:880C9F1679 [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [4282]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [4282]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [6810]
FirewallRules: [TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe] => (Allow) C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe] => (Allow) D:\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe] => (Allow) D:\call of duty - black ops\blackops.exe => No File
FirewallRules: [{1509021e-952a-4222-925b-e9ef2e35da46}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe => No File
FirewallRules: [{1E0EE64E-909A-4681-A680-85CF328345BC}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe] => (Allow) C:\users\pc\appdata\local\vghd\bin\vghd.exe => No File
FirewallRules: [{141FBB48-833F-4E9F-ACBB-61098233CEA2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}] => (Allow) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}] => (Block) D:\Overwolf\0.184.0.35\OverwolfBrowser.exe => No File
FirewallRules: [{0670FED8-3489-4009-9FBA-754A472D995F}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{47E21C8A-C5E3-47EB-88DD-256BA2274690}] => (Allow) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{DA6F9692-0866-461F-8A86-2FDA9898CEC9}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}] => (Block) D:\Overwolf\0.185.0.12\OverwolfBrowser.exe => No File
FirewallRules: [{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}] => (Allow) D:\WatchDogs\bin\Watch_Dogs.exe => No File
FirewallRules: [TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe] => (Allow) C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe => No File
FirewallRules: [TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe => No File
FirewallRules: [TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe => No File
FirewallRules: [TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser => No File
FirewallRules: [TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe] => (Allow) C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe => No File
FirewallRules: [TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Block) D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe => No File
FirewallRules: [TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe => No File
FirewallRules: [TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe => No File
FirewallRules: [TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe] => (Allow) C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe => No File
FirewallRules: [TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe] => (Allow) C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe => No File
FirewallRules: [{07233AD6-369E-4935-B5D4-8984A7731E2F}] => (Allow) D:\DAVINČI\ElementsPanelDaemon.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ProductAuthenticationService" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Salad" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Overwolf" => removed successfully
"HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\Software\Microsoft\Windows\CurrentVersion\Run\\electron.app.SquadOV" => removed successfully
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71e01f76-1491-11ec-89ae-983b8f6c6479} => removed successfully
HKU\S-1-5-21-4216822756-2788997128-3535864154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{71e021d4-1491-11ec-89ae-983b8f6c6479} => removed successfully
"D:\Rainmeter.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{65AB8FA1-6B06-41E2-B0B8-10C1C2F0BD56}" => removed successfully
C:\Windows\System32\Tasks\Overwolf Updater Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Overwolf Updater Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{72D074A7-B24D-4DAF-B269-D4229B1C5DBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72D074A7-B24D-4DAF-B269-D4229B1C5DBB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B976CEBE-9B60-446B-904B-CB73B45BBD4F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B976CEBE-9B60-446B-904B-CB73B45BBD4F}" => removed successfully
C:\Windows\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E42C9CB3-175F-4DBE-AD37-0127D2126399}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E42C9CB3-175F-4DBE-AD37-0127D2126399}" => removed successfully
C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6A72E18-A14E-4A18-B8B3-F949E92DCDB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6A72E18-A14E-4A18-B8B3-F949E92DCDB4}" => removed successfully
C:\Windows\System32\Tasks\USER_ESRV_SVC_QUEENCREEK => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\USER_ESRV_SVC_QUEENCREEK" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C88A1DD2-C01B-4E15-BD06-5D37EBAEC240}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C88A1DD2-C01B-4E15-BD06-5D37EBAEC240}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\ThrottleStop => removed successfully
ThrottleStop => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows\tracing => ":?" ADS removed successfully
C:\ProgramData\mntemp => ":8EAD8B3507" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk => ":21661D084B" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FACEIT AC.lnk => ":550995E265" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk => ":880C9F1679" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk => ":F208FC6732" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5986F4C9-BF41-4B12-BB6D-11111678E4B1}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9E8501EB-57D0-4C9C-BD83-DCFCD993F269}C:\users\pc\.lunarclient\jre\zulu16.30.15-ca-fx-jre16.0.1-win_x64\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DA86AD72-88DC-4169-BED6-6CC89C8517D0}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{137C25B1-C568-4D8B-A744-63956E12998C}D:\call of duty modern warfare\modernwarfare.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A0F1BA4A-4F23-4D65-8AF7-23FFF57B2855}D:\call of duty - black ops\blackops.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D1C13958-D2F1-4FA6-A6D7-799D8012915C}D:\call of duty - black ops\blackops.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1509021e-952a-4222-925b-e9ef2e35da46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E0EE64E-909A-4681-A680-85CF328345BC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0B9618CE-9AE9-4972-8C27-F6F818043472}C:\users\pc\appdata\local\vghd\bin\vghd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{14DB72FD-F01E-4C7D-BE78-9ED10F914B0C}C:\users\pc\appdata\local\vghd\bin\vghd.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{141FBB48-833F-4E9F-ACBB-61098233CEA2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BC9BB575-4FD0-4343-82F8-68FEDAB902F2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB2693AC-6F73-4E81-9E5B-BC6E84DF241A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C48C7D6-36C2-4908-81EA-13BFD0D9F6BB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0670FED8-3489-4009-9FBA-754A472D995F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{47E21C8A-C5E3-47EB-88DD-256BA2274690}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DA6F9692-0866-461F-8A86-2FDA9898CEC9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CCB671E-19F6-48C6-A59F-9EBEB40D6531}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D99E0B3-A2A9-4036-B281-1B988BCA4FCF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F5B31BD-F852-4F9E-A6AC-C6F0F46B6D24}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{D4F1D848-0539-421C-A301-D5CE5C0768BA}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CD3299B8-5515-494D-8C1C-70ED42250164}C:\users\pc\appdata\local\programs\allstar\allstar desktop application.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{35D12D6B-9C42-4243-AC53-42A4DF444EDC}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{75252765-4A7B-42C0-9D30-12BC38F0D293}C:\users\pc\appdata\local\temp\rar$exa0.679\fnaf forgotten pizzeria.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B8D6D6D2-D23F-4274-982E-FF633C47B538}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{897E455F-4AE9-4986-862F-8976E2841F47}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{366E3984-F6D6-449C-897A-350D5D9C622D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{78BE0FF5-1524-4058-8BCC-F98B71596A40}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2189_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{97B3C35E-E396-40A1-8910-CE25CB6E13FA}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{9B2D62DF-5AEE-4B19-A9C1-1AD8C936CB8D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0A8154D5-7FE5-4FB5-A6DA-B04F089C1EFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2970E84F-3E8D-42A1-83B1-B2A06750047B}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_chromebrowser" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0192293-99B2-4696-9DA8-E64AC169BE35}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{58B871B9-FDFD-419C-90C7-D66035344BA0}C:\users\pc\appdata\local\medal\app-4.1000.0\medal.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF60911A-E1A5-45A3-B938-E1145136F1F9}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6D9EF68-1545-4069-9B75-E20412A45836}D:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{3D03A8DA-625C-44CB-B264-087BA38A9AD9}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1CA9DE41-516F-4694-8A0A-DAAE07D3E666}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2372_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6DDA3E65-6636-4F04-B173-E2CB9A48CF0F}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1D9A3C8B-3378-48A4-A306-DB4D1335B26D}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2545_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{95AB5A75-6E7A-4ACF-AE8D-4B4D022980BE}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EB053A19-12D0-4348-8828-CE727F8CE8FC}C:\users\pc\appdata\local\temp\rar$exa0.881\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{83F5AE87-8DAC-4403-9103-C05F9C069538}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3A703689-0A21-48F5-943D-319A3A59C706}C:\users\pc\appdata\local\temp\rar$exa0.816\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DC4A6C3F-E170-4D2B-9748-5C4697671306}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A0964DC6-BE57-4EDA-9897-1873F6C4833B}C:\users\pc\appdata\local\temp\rar$exa0.960\inside.the.backrooms\inside.the.backrooms\inside the backrooms.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4266122A-D462-4F5F-AC34-0EC18DED9DFF}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0B6D3A67-43B4-4741-97C0-616F9641304E}C:\users\pc\appdata\local\fivem\fivem.app\data\cache\subprocess\fivem_b2699_gtaprocess.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{07233AD6-369E-4935-B5D4-8984A7731E2F}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 32583162 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1382481793 B
Windows/system/drivers => 3529646 B
Edge => 0 B
Chrome => 847685966 B
Brave => 1688288 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 537452 B
NetworkService => 537452 B
PC => 196164803 B

RecycleBin => 30709024 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:47:25 ====

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a laptop check

#4 Post by Rudy »

Removed, the log is now OK.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Swifty14
Visitor
Posts: 3
Registered: 13 Nov 2022 19:08

Re: Requesting a laptop check

#5 Post by Swifty14 »

Thank you very much for the help

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a laptop check

#6 Post by Rudy »

You're welcome! :)

Locked