Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
BacilX
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 19 zář 2007 11:12

preventivka

#1 Příspěvek od BacilX »

poprosil bych o kontrolu...díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022
Ran by Admin (administrator) on TRILINE (ATComputers TRILINE PROFI I108) (11-12-2022 10:18:43)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Robin
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [215960 2022-11-23] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [117248 2018-04-13] (pdfforge GmbH) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D88FC2E-0B2B-45CE-BCEC-68E42B4F1092} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {143F148D-D37A-4306-B62A-FD65B5C85C9C} - System32\Tasks\AdobeAAMUpdater-1.0-triline-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {27C1C341-3185-4754-90F1-745CF5D1F604} - System32\Tasks\AdobeGCInvoker-1.0-triline-Admin => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {32497A94-DF03-4A04-996E-5FDD5F981B63} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {3660A6BA-3B58-463F-B54A-A9FA3CB0431E} - System32\Tasks\update-S-1-5-21-2485784249-3341709608-829223016-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {40DE306A-AD32-415E-B2BB-E5AB154693A6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {44FA95C2-5D1B-40C7-87AB-D7D0C77E6F43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {49B7041C-0AD3-4524-AD2E-DA1D0E9B5BE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "68981db3-f7de-42cf-8bab-3d52cda81a34" --version "6.05.10110" --silent
Task: {61F37A62-92A4-4DAB-A56D-C6B9DB35C2E0} - System32\Tasks\JumpingBytes\PureSyncJobs\manga => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSync.exe -> "C:\Users\Public\Jumping Bytes\PureSync\manga.psy" sched sync synctype:4
Task: {7D3673B5-405B-411E-BA93-4B82971098AF} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8A45F4D7-DAA6-4F5D-AFDE-6692BE2F0A84} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {8D8D18A6-ECBD-4FC1-AB19-63AA7621CAB9} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Task: {8E6760C5-778C-4C28-BEEC-4118D5F2BD7A} - System32\Tasks\JumpingBytes\PureSyncElvAdmin => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncHelper.exe exit (No File)
Task: {CC1F0AAF-CAA5-42D8-B0B1-05655C0CD5F8} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {DB2AF32B-D74D-44C0-BD06-DB7155DAA976} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4951448 2022-11-23] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2485784249-3341709608-829223016-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{15601C4F-0785-412A-BDC7-0069DA945582}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ecbl4qpk.default-release-2 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j4l194wh.default-release-1 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5lbax33j.default-release [not found] <==== ATTENTION
FF DefaultProfile: imtd495u.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default [2022-12-11]
FF DownloadDir: C:\Users\Admin\Desktop\stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\imtd495u.default -> hxxps://www.seznam.cz/
FF NetworkProxy: Mozilla\Firefox\Profiles\imtd495u.default -> no_proxies_on", "192.168.0.1"
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default\Extensions\firefox@ghostery.com.xpi [2022-07-18]
FF Extension: (To Google Translate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-07-21]
FF Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\imtd495u.default\Extensions\uBlock0@raymondhill.net.xpi [2022-10-30]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gdtmth1s.default-release-3 [2022-10-30]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8552856 2022-11-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [596888 2022-11-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [596888 2022-11-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-31] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1185616 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31376 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229720 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391264 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297832 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268480 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105760 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80384 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852000 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [688336 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [210632 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318464 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-06-06] (Disc Soft Ltd -> Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-11 10:18 - 2022-12-11 10:19 - 000013524 _____ C:\Users\Admin\Desktop\FRST.txt
2022-12-11 10:18 - 2022-12-11 10:19 - 000000000 ____D C:\FRST
2022-12-11 10:17 - 2022-12-11 10:17 - 002375680 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2022-12-03 21:32 - 2022-12-03 21:32 - 000001749 _____ C:\Users\Robin\Desktop\Age of Wonders III.lnk
2022-12-02 16:52 - 2022-12-02 16:52 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-12-01 16:15 - 2022-12-04 08:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-11-23 15:43 - 2022-11-23 15:43 - 000273816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-11-23 15:43 - 2022-11-23 15:43 - 000210632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-11 10:18 - 2016-12-14 20:22 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-12-11 10:17 - 2021-08-11 17:25 - 000000000 ____D C:\Users\Robin\AppData\LocalLow\Mozilla
2022-12-11 08:56 - 2022-10-30 08:56 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-12-11 08:56 - 2022-10-30 08:56 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-12-11 08:56 - 2015-12-21 11:50 - 000000000 ____D C:\Program Files\CCleaner
2022-12-11 08:46 - 2009-07-14 05:45 - 000028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-12-11 08:46 - 2009-07-14 05:45 - 000028336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-12-11 08:28 - 2021-06-01 14:20 - 000000000 ____D C:\Users\Robin\AppData\Local\Avast Software
2022-12-11 08:02 - 2010-11-21 10:27 - 000670334 _____ C:\Windows\system32\perfh005.dat
2022-12-11 08:02 - 2010-11-21 10:27 - 000141946 _____ C:\Windows\system32\perfc005.dat
2022-12-11 08:02 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-11 08:02 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-12-11 07:58 - 2017-12-16 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2022-12-11 07:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-10 23:01 - 2022-10-30 08:56 - 000002806 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Admin
2022-12-10 23:01 - 2021-07-20 13:55 - 000003244 _____ C:\Windows\system32\Tasks\SidebarExecute
2022-12-10 23:01 - 2019-07-12 07:22 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-10 23:01 - 2017-12-06 16:11 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-12-10 23:01 - 2015-05-18 20:16 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-12-10 21:16 - 2019-03-24 10:35 - 000000000 ____D C:\Users\Robin\AppData\Local\CrashDumps
2022-12-10 20:23 - 2020-12-19 11:19 - 000087552 _____ C:\Users\Robin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-12-06 22:10 - 2021-03-07 18:27 - 000000000 ____D C:\Users\Robin\AppData\Roaming\PhotoScape
2022-12-06 20:00 - 2021-08-02 15:21 - 000000000 ____D C:\Users\Robin\AppData\Roaming\XnConvert
2022-12-04 08:32 - 2014-02-26 16:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-04 00:06 - 2014-03-15 22:25 - 000000000 ____D C:\Users\Robin\Documents\My Games
2022-12-03 21:29 - 2014-02-26 18:52 - 000000000 ____D C:\Hry
2022-12-03 11:59 - 2014-03-04 21:31 - 000000000 ____D C:\Program Files (x86)\JDownloader v2.0
2022-12-03 09:20 - 2014-02-26 16:48 - 000000000 ____D C:\ProgramData\Mozilla
2022-11-23 15:43 - 2020-10-16 10:05 - 000268480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-11-23 15:43 - 2019-01-14 15:57 - 000391264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-11-23 15:43 - 2019-01-06 18:38 - 000297832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-11-23 15:43 - 2019-01-06 18:38 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-11-23 15:43 - 2019-01-06 18:38 - 000031376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2022-11-23 15:43 - 2018-10-21 06:57 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000852000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000688336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000318464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000229720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000105760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-11-23 15:43 - 2017-12-16 13:22 - 000080384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-11-23 15:43 - 2017-08-12 09:16 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-11-21 15:35 - 2022-09-11 07:53 - 000000000 ____D C:\Users\Robin\AppData\Roaming\com.adobe.dunamis
2022-11-18 11:00 - 2022-10-14 10:40 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk

==================== Files in the root of some directories ========

2020-12-23 11:21 - 2020-12-23 11:22 - 000000071 _____ () C:\Users\Admin\AppData\Roaming\~SiMPLEX.ini
2021-01-20 19:56 - 2021-01-20 19:56 - 000000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2021-01-20 19:56 - 2021-01-20 19:58 - 000000059 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-12-03 13:59
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2022
Ran by Admin (11-12-2022 10:19:25)
Running from C:\Users\Admin\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2014-02-25 13:28:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-2485784249-3341709608-829223016-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2485784249-3341709608-829223016-500 - Administrator - Disabled)
Guest (S-1-5-21-2485784249-3341709608-829223016-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2485784249-3341709608-829223016-1003 - Limited - Enabled)
Robin (S-1-5-21-2485784249-3341709608-829223016-1004 - Limited - Enabled) => C:\Users\Robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20282 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601032}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Advanced JPEG Compressor 2011 (HKLM-x32\...\Advanced JPEG Compressor_is1) (Version: 2011 - WinSoftMagic Inc.)
Age of Wonders III Collection verze 1.705 (HKLM-x32\...\{701C72A2-9434-482F-9BFE-BF3C467FBCA7}_is1) (Version: 1.705 - )
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.12.0 - Ant Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.11.6041 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 6.05 - Piriform)
Craft the World - Abandoned Mines (HKLM-x32\...\1130077526_is1) (Version: 1.9.001_1 - GOG.com)
Craft the World - Bosses & Monsters (HKLM-x32\...\2040933519_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Dig with Friends (HKLM-x32\...\1212603702_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Grottoes (HKLM-x32\...\1278271221_is1) (Version: 1.9.001_1 - GOG.com)
Craft the World - Heart of Evil (HKLM-x32\...\1830909639_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Heroes (HKLM-x32\...\1877675332_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Lonely Mountain (HKLM-x32\...\2088154398_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Sisters in Arms (HKLM-x32\...\1604919931_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World - Temples of 4 Elements (HKLM-x32\...\2099273954_is1) (Version: 1.9.001_1 - GOG.com)
Craft The World (HKLM-x32\...\1443622961_is1) (Version: 1.9.001_1 - GOG.com)
Darkest Dungeon Ancestral Edition (HKLM-x32\...\Darkest Dungeon Ancestral Edition_is1) (Version: - )
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Divinity: Original Sin 2 - Definitive Edition (HKLM-x32\...\1584823040_is1) (Version: 3.6.117.3735 - GOG.com)
Divinity: Original Sin 2 - Sir Lora (HKLM-x32\...\1326441817_is1) (Version: 3.6.117.3735 - GOG.com)
Fallout3_CZ_1.0.0.15_patch (HKU\S-1-5-21-2485784249-3341709608-829223016-1004\...\{A403D710-B87F-11DD-6784-0F41E62818BE}) (Version: 1.0.0.15 - Cenega Czech)
FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory)
Graveyard Keeper Better Save Soul (HKLM-x32\...\Graveyard Keeper Better Save Soul_is1) (Version: - )
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAV Filters 0.75.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.75.1 - Hendrik Leppkes)
Logitech Gaming Software (HKLM\...\{690285C2-2481-44FB-8402-162EA970A6DD}) (Version: 8.30.28 - Logitech Inc.) Hidden
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Microsoft .NET Core Host - 3.1.31 (x64) (HKLM\...\{97ECD882-397F-4825-B7FB-1B9DF76B7DD9}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.31 (x64) (HKLM\...\{4CF84AED-891D-4ECD-93FB-94B58A43F454}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.31 (x64) (HKLM\...\{337A821B-2ED5-42BC-8699-238B600CBB73}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{659502b7-dea8-4adc-99c4-64f141a83c2d}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30037 (HKLM-x32\...\{4b2f3795-f407-415e-88d5-8c8ab322909d}) (Version: 14.29.30037.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.14.26429 (HKLM-x32\...\{6F0267F3-7467-350D-A8C8-33B72E3658D8}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.14.26429 (HKLM-x32\...\{7753EC39-3039-3629-98BE-447C5D869C09}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30037 (HKLM\...\{529D20E8-132A-4F1A-A25F-9211B8C943AC}) (Version: 14.29.30037 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30037 (HKLM\...\{C874FB5A-1C85-460A-A4A9-CBCC3FAE7880}) (Version: 14.29.30037 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.31 (x64) (HKLM\...\{F3479C10-2CEA-4C17-8C49-5AD92965254D}) (Version: 24.124.31813 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.31 (x64) (HKLM-x32\...\{2c0fd312-a570-439d-8831-42fe66080acc}) (Version: 3.1.31.31813 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0.1 (x64 cs)) (Version: 107.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 89.0.2 - Mozilla)
Mozilla Thunderbird (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 91.13.1 (x86 cs)) (Version: 91.13.1 - Mozilla)
nGlide 1.05 (HKLM-x32\...\nGlide) (Version: 1.05 - Zeus Software)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.13.7500 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Paradox Launcher v2 (HKLM\...\{A92DB5D9-A24D-4678-9F91-B4FA6D895718}) (Version: 2.0.4.0 - Paradox Interactive)
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PotPlayer (HKLM-x32\...\PotPlayer) (Version: 221102 - Kakao Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Shareaza 2.7.10.2 (HKLM\...\Shareaza_is1) (Version: 2.7.10.2 - Shareaza Development Team)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Spellcross (DOSBox 0.74 emulace) (HKLM-x32\...\Spellcross (DOSBox 0.74 emulace)) (Version: - )
Stellaris Aquatics Species Pack (HKLM-x32\...\Stellaris Aquatics Species Pack_is1) (Version: - )
The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
XnConvert 1.92.0 (HKLM\...\XnConvert_is1) (Version: 1.92.0 - Gougelet Pierre-e)
XnView 2.13 (HKLM-x32\...\XnView_is1) (Version: 2.13 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{04CC76C7-1ED7-4CAE-9762-B8664ED008ED}\localserver32 -> C:\Program Files\Shareaza\MediaImageServices.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{0EEA2A0F-AD1F-4555-9827-0DD9335611A4}\localserver32 -> C:\Program Files\Shareaza\WindowsThumbnail.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{0F74BA53-C842-4CB5-B388-DD5663F62479}\InprocServer32 -> C:\Program Files\Shareaza\Preview.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{18D11ED9-1264-48A1-9E14-20F2C633242B}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{2EE9D739-7726-41cf-8F18-4B1B8763BC63}\InprocServer32 -> C:\Program Files\Shareaza\ImageViewer.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{2F74AA28-2498-4805-911A-04C39858D529}\InprocServer32 -> C:\Program Files\Shareaza\ZIPBuilder.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{30FC662A-D72A-4F79-B63A-ACD4FBFE68A3}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{34791E02-51DC-4CF4-9E34-018166D91D0E}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{3DC28AA6-A597-4E03-96DF-ADA19155B0BE}\localserver32 -> C:\Program Files\Shareaza\MediaPlayer.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{570C197C-FE9C-4D1F-B6E0-EFA44D36399F}\localserver32 -> C:\Program Files\Shareaza\MediaLibraryBuilder.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{61700EEC-D5D3-4793-BD1F-514896D67F44}\InprocServer32 -> C:\Program Files\Shareaza\RatDVDReader.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{6C9E61BE-E58F-4AE1-A304-6FF1D183804C}\InprocServer32 -> C:\Program Files\Shareaza\GFLLibraryBuilder.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{76F13243-9F62-4241-AC07-3B359BBE4EC5}\InprocServer32 -> C:\Program Files\Shareaza\VirusTotal.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{76F13243-9F62-4241-AC07-3B359BBE4EC6}\InprocServer32 -> C:\Program Files\Shareaza\ShortURL.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{A4F1E383-B493-4580-8DB6-5CC89CBAAC53}\InprocServer32 -> C:\Program Files\Shareaza\SkinScanSKS.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{B69F80CD-FB15-45E8-B359-92A41CC571A7}\InprocServer32 -> C:\Program Files\Shareaza\7ZipBuilder.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{B978F591-5137-4612-873A-DC2081BAD6CD}\InprocServer32 -> C:\Program Files\Shareaza\SWFPlugin.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{D73ABD28-3A2A-4E36-AD6F-2AA8F011FBE3}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{E1A67AE5-7041-4AE1-94F7-DE03EF759E27}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{E9B2EF9B-4A0C-451E-801F-257861B87FAD}\localserver32 -> C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{E9F51B1E-DB0F-4EEE-9B36-46151994C715}\InprocServer32 -> C:\Program Files\Shareaza\DocumentReader.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{F801DAD7-F08D-48EF-B0DF-6B120377E835}\InprocServer32 -> C:\Program Files\Shareaza\RARBuilder.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{FC4D8F69-0B18-49BB-8AB7-87EB77AA1A9D}\InprocServer32 -> C:\Program Files\Shareaza\SWFPlugin.dll (Shareaza Development Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-2485784249-3341709608-829223016-1004_Classes\CLSID\{FF5FCD00-2C20-49D8-84F6-888D2E2C95DA}\InprocServer32 -> C:\Program Files\Shareaza\GFLImageServices.dll (Shareaza Development Team) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-23] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [AJC] -> {5071CDA5-D3E1-11D5-BFC0-005004A71005} => C:\Program Files (x86)\Advanced JPEG Compressor\ContextMenuExt.dll [2001-11-22] () [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2022-11-23] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\MSVCP140.dll
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\ucrtbase.DLL
2021-11-10 23:55 - 2021-11-10 23:55 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\VCRUNTIME140.dll
2022-12-11 07:58 - 2022-12-11 07:58 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\AVAST Software\Avast\defs\22121100\avast.local_vc142.crt\VCRUNTIME140_1.dll
2018-04-13 19:06 - 2018-04-13 19:06 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-2485784249-3341709608-829223016-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com
HKU\S-1-5-21-2485784249-3341709608-829223016-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
HKU\S-1-5-21-2485784249-3341709608-829223016-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.triline.cz
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-06-13 08:16 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\dotnet\
HKU\S-1-5-21-2485784249-3341709608-829223016-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2485784249-3341709608-829223016-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: Disc Soft Lite Bus Service => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B49E75B1-A3B8-44ED-AE11-B46785FD2E67}] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EDE61EF5-D8FF-4FAE-B94D-C935A3344EB1}] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0A6187EB-8DC1-4C89-88D9-3E9928F6940F}] => (Allow) C:\Windows\System32\vpc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{04FBBF19-723A-49A9-AAAE-FA93DA9005C4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{74B21F8B-7609-4F49-9022-9B9197B09F4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A5991C55-B6A8-460F-B8E7-E41EF986D8D0}] => (Block) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{D37F2FA0-711E-4A01-BD05-8DCD73EC9E95}] => (Block) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [TCP Query User{24316309-A1F6-468B-B10A-EEB36BCC0F08}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{78ED4724-0F7A-4A6F-8FE4-0DAB928BD5F0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{29CC7501-9030-44DC-B16D-E5266489C60F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EA322048-9FB3-4A42-B9AC-99A91E28237E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7896EF1-9C27-4124-96F8-39635717B3FF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{46CF13F4-2BD8-4081-8F97-BF13859745E3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{9FC710FC-3CBA-41DA-ADB2-950EF7C0FE2B}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [{5C8CD737-8AF7-4D9D-AA37-F09E661E52E6}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech -> Logitech Inc.)
FirewallRules: [TCP Query User{3D336B23-9B4C-4844-B932-F44616F083E1}C:\program files (x86)\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\program files (x86)\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [UDP Query User{D23197A2-1D5F-4111-94A0-91826E46E1F3}C:\program files (x86)\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\program files (x86)\jdownloader v2.0\jdownloader2.exe (AppWork GmbH -> AppWork GmbH)
FirewallRules: [{9CEAC37D-CBD9-4A1C-A0F1-2D04EBF1CA17}] => (Block) C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [{F82FC33E-8CD6-4738-AC2B-3F2986F9AB82}] => (Block) C:\Program Files\Shareaza\Shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [TCP Query User{1EF79CD8-B7D3-4D2B-A4EA-3612AE214118}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [UDP Query User{94A7B34A-6184-4880-85D4-B0DE38B56AEF}C:\program files\shareaza\shareaza.exe] => (Allow) C:\program files\shareaza\shareaza.exe (Shareaza Development Team) [File not signed]
FirewallRules: [{1161AF83-5E82-456F-8406-87B5BAA6DD94}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5FFACE2-9173-44C0-AAE3-1FFE76909B26}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8EEF0D6F-BE5D-4989-9D51-D7F6033C86CD}E:\hry\divinity - original sin 2\defed\bin\eocapp.exe] => (Block) E:\hry\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [UDP Query User{887B7B99-81D4-4F09-A247-D257FE616B0B}E:\hry\divinity - original sin 2\defed\bin\eocapp.exe] => (Block) E:\hry\divinity - original sin 2\defed\bin\eocapp.exe (Larian Studios Games Ltd. -> )
FirewallRules: [TCP Query User{0B830085-D986-48F2-A5BD-5B0D6DD4A705}C:\hry\age of wonders iii collection\aow3.exe] => (Block) C:\hry\age of wonders iii collection\aow3.exe () [File not signed]
FirewallRules: [UDP Query User{A23A78C3-7EDC-4E1E-86AF-18CB1D3EF6E1}C:\hry\age of wonders iii collection\aow3.exe] => (Block) C:\hry\age of wonders iii collection\aow3.exe () [File not signed]

==================== Restore Points =========================

11-12-2022 10:06:28 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/11/2022 07:58:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/10/2022 09:16:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AoW3.exe, verze: 0.0.0.0, časové razítko: 0x5ab24ee6
Název chybujícího modulu: AoW3.exe, verze: 0.0.0.0, časové razítko: 0x5ab24ee6
Kód výjimky: 0xc0000005
Posun chyby: 0x000e056c
ID chybujícího procesu: 0xbfc
Čas spuštění chybující aplikace: 0x01d90cd3f6343ccb
Cesta k chybující aplikaci: C:\Hry\Age of Wonders III Collection\AoW3.exe
Cesta k chybujícímu modulu: C:\Hry\Age of Wonders III Collection\AoW3.exe
ID zprávy: 884829af-78c7-11ed-9df2-d43d7effa8c6

Error: (12/10/2022 09:13:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AoW3.exe, verze: 0.0.0.0, časové razítko: 0x5ab24ee6
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb751
Kód výjimky: 0xc0000374
Posun chyby: 0x000ceaeb
ID chybujícího procesu: 0x17a0
Čas spuštění chybující aplikace: 0x01d90cd3addb3f91
Cesta k chybující aplikaci: C:\Hry\Age of Wonders III Collection\AoW3.exe
Cesta k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll
ID zprávy: 27bfd8b0-78c7-11ed-9df2-d43d7effa8c6

Error: (12/09/2022 10:08:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AoW3.exe, verze: 0.0.0.0, časové razítko: 0x5ab24ee6
Název chybujícího modulu: MSVCR100.dll, verze: 10.0.40219.1, časové razítko: 0x4d5f0c22
Kód výjimky: 0xc0000005
Posun chyby: 0x000101d0
ID chybujícího procesu: 0x13d0
Čas spuštění chybující aplikace: 0x01d90bf94cde1d61
Cesta k chybující aplikaci: C:\Hry\Age of Wonders III Collection\AoW3.exe
Cesta k chybujícímu modulu: C:\Hry\Age of Wonders III Collection\MSVCR100.dll
ID zprávy: 9e914634-7805-11ed-9df2-d43d7effa8c6

Error: (12/09/2022 03:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/08/2022 03:24:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/07/2022 03:04:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/06/2022 03:31:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (12/11/2022 10:21:48 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/11/2022 07:58:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/09/2022 03:30:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/08/2022 03:24:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/07/2022 05:13:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového limitu (30000 ms).

Error: (12/07/2022 03:04:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/06/2022 03:31:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/05/2022 03:47:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom


==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.1 01/20/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i3-4330 CPU @ 3.50GHz
Percentage of memory in use: 40%
Total physical RAM: 8136.02 MB
Available physical RAM: 4820.77 MB
Total Virtual: 13134.16 MB
Available Virtual: 9811.92 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:103 GB) (Free:21.99 GB) (Model: KINGSTON KINGSTON SV300S3 SCSI Disk Device) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:3.31 GB) (Model: ST1000DM ST1000DM003-1CH1 SCSI Disk Device) NTFS
Drive f: (Filmy) (Fixed) (Total:1863.01 GB) (Free:50.09 GB) (Model: WDC WD20EZRX-00D8PB0 SCSI Disk Device) NTFS

\\?\Volume{4e7be4a2-9b09-11e3-b7a6-d43d7effa8c6}\ (WinRE-ATC) (Fixed) (Total:8.79 GB) (Free:1.93 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 5A4EEB50)
Partition 1: (Active) - (Size=103 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.8 GB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 795381E7)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 45DB875B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: preventivka

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {143F148D-D37A-4306-B62A-FD65B5C85C9C} - System32\Tasks\AdobeAAMUpdater-1.0-triline-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {32497A94-DF03-4A04-996E-5FDD5F981B63} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {8E6760C5-778C-4C28-BEEC-4118D5F2BD7A} - System32\Tasks\JumpingBytes\PureSyncElvAdmin => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncHelper.exe exit (No File)
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ecbl4qpk.default-release-2 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j4l194wh.default-release-1 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5lbax33j.default-release [not found] <==== ATTENTION
AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Uživatelský avatar
BacilX
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 19 zář 2007 11:12

Re: preventivka

#3 Příspěvek od BacilX »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by Admin (12-12-2022 23:18:38) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin & Robin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {143F148D-D37A-4306-B62A-FD65B5C85C9C} - System32\Tasks\AdobeAAMUpdater-1.0-triline-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {32497A94-DF03-4A04-996E-5FDD5F981B63} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {8E6760C5-778C-4C28-BEEC-4118D5F2BD7A} - System32\Tasks\JumpingBytes\PureSyncElvAdmin => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncHelper.exe exit (No File)
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ecbl4qpk.default-release-2 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j4l194wh.default-release-1 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5lbax33j.default-release [not found] <==== ATTENTION
AlternateDataStreams: C:\Users\Admin\Downloads:Shareaza.GUID [16]
AlternateDataStreams: C:\Users\Robin\Downloads:Shareaza.GUID [16]



EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{143F148D-D37A-4306-B62A-FD65B5C85C9C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{143F148D-D37A-4306-B62A-FD65B5C85C9C}" => removed successfully
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-triline-Admin => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-triline-Admin" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32497A94-DF03-4A04-996E-5FDD5F981B63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32497A94-DF03-4A04-996E-5FDD5F981B63}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E6760C5-778C-4C28-BEEC-4118D5F2BD7A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E6760C5-778C-4C28-BEEC-4118D5F2BD7A}" => removed successfully
C:\Windows\System32\Tasks\JumpingBytes\PureSyncElvAdmin => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\JumpingBytes\PureSyncElvAdmin" => removed successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ecbl4qpk.default-release-2 => path removed successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\j4l194wh.default-release-1 => path removed successfully
C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\5lbax33j.default-release => path removed successfully
C:\Users\Admin\Downloads => ":Shareaza.GUID" ADS could not remove.
C:\Users\Robin\Downloads => ":Shareaza.GUID" ADS could not remove.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2962205 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => -77000908 B
Edge => 0 B
Firefox => 125101788 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 979955 B
LocalService => 979955 B
NetworkService => 979955 B
UpdatusUser => 979955 B
Admin => 4663390 B
Robin => 16335389 B

RecycleBin => 0 B
EmptyTemp: => 145.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:18:44 ====
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: preventivka

#4 Příspěvek od JaRon »

ak nie su problemy, hotovo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Uživatelský avatar
BacilX
Návštěvník
Návštěvník
Příspěvky: 65
Registrován: 19 zář 2007 11:12

Re: preventivka

#5 Příspěvek od BacilX »

byla to jen preventivka, takže díky
Vyrostl jsem v tak chudé rodině, že kdybych se nenarodil jako chlapeček, tak bych si neměl s čím hrát.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: preventivka

#6 Příspěvek od JaRon »

za malo :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno