PC virus removal, computer speed-up, remote assistance through the neslape.cz service

Preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Slovak
Visitor
Posts: 78
Registered: 20 Dec 2014 18:42

#1 Post by Slovak »

Good day,
please do a preventive check for malware and viruses
thank you in advance

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2022
Ran by vmvla (administrator) on DESKTOP-VIJ0913 (Acer Nitro N50-620) (15-12-2022 11:37:23)
Running from C:\Users\vmvla\Desktop
Loaded Profiles: vmvla
Platform: Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) E:\avast\AvastUI.exe <4>
(Discord Inc. -> Discord Inc.) C:\Users\vmvla\AppData\Local\Discord\app-1.0.9008\Discord.exe <6>
(E:\avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\aswEngSrv.exe
(E:\steam\steam.exe ->) (Valve Corp. -> Valve Corporation) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) E:\steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) E:\ccleaner\CCleaner64.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) E:\avast\wsc_proxy.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) E:\origin\OriginWebHelperService.exe
(services.exe ->) (GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(services.exe ->) (GOTrustID Inc.) [File not signed] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_68966115f2eef4e5\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvae.inf_amd64_fdabed922efb6704\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22092.214.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_3326348feda52885\RtkAudUService64.exe [1232240 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => E:\avast\AvLaunch.exe [215960 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Run: [Steam] => E:\steam\steam.exe [4245352 2022-12-01] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Run: [CCleaner Smart Cleaning] => E:\ccleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Run: [EADM] => E:\origin\Origin.exe [3149608 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Run: [Discord] => C:\Users\vmvla\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Run: [MicrosoftEdgeAutoLaunch_984A42A6A5541654F1B7651BF0841622] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3877280 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\108.0.19614.101\Installer\chrmstp.exe [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.100\Installer\chrmstp.exe [2022-12-14] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0323A2C1-7123-4CE6-9B04-7683A956A0A8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {0F2B7C25-AD51-459C-BD54-082C297F8038} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {1432CE57-D43C-4042-9379-BE24732C7B26} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {15A55603-A9AB-4AA5-AA32-156906209ACE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {171144AD-E37E-4814-A3B7-12D8C56FBC36} - System32\Tasks\GoTrust ID Driver => C:\Program Files\GoTrust ID Plugin\Resource\GO-Trust_ID_Driver.exe [68192 2020-09-08] (GoTrustID Inc -> )
Task: {1CEA9E5B-FC0E-4278-8DF1-BC95D463814A} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3255752 2022-12-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2708AEAB-2760-4AEC-8340-D8A10D86E32F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {29122141-7B65-4B2E-9144-9C6FA44B19C9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {2B0A9A32-E8E1-43D9-A5CF-0B5F22E9E838} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)
Task: {37493BC7-4301-4420-98DC-ECEF7976C453} - System32\Tasks\CCleaner Update => E:\ccleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {3ECC2BB2-21AA-4349-A77C-CE131A78CAB2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {51E7A044-18EE-472A-AD58-E21644D1D6B0} - System32\Tasks\Avast Emergency Update => E:\avast\AvEmUpdate.exe [4954008 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {52AF9D38-0245-4E4A-8C08-FEF490A068BA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {60D25F72-4A30-4B7C-B445-4EB4D354EE3E} - System32\Tasks\NortonLifeLock Trial Agent V2 => C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NLOKTrialAgentV2.exe /scheduled (No File)
Task: {63EA6428-3CFE-4242-B3B7-24660347CD13} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3255752 2022-12-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {691CBA2C-E380-46AC-AE42-9ADC06C59F34} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-07] (Google LLC -> Google LLC)
Task: {6C094F93-9BE0-4417-B40C-C2B611C10999} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> )
Task: {6CEC9915-8433-4D40-B233-09B1D4B47A74} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [593448 2020-04-16] (Acer Incorporated -> Acer Incorporated)
Task: {6D7C7D7E-238C-4259-B06F-06F0375F18D5} - System32\Tasks\CCleanerCrashReporting => E:\ccleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "E:\ccleaner\LOG" --programpath "E:\ccleaner" --configpath "E:\ccleaner\Setup" --guid "f31c9943-d57e-4fd8-995d-c70d21b2ce34" --version "6.06.10144" --silent
Task: {6F8632D5-A108-49C1-8C6E-0BCD510E8E18} - System32\Tasks\CCleanerSkipUAC - vmvla => E:\ccleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {78D57903-E551-406F-AD67-A5FEB63B14E2} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7B825926-70CB-4A21-B0A1-C9628E1EDC26} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7BA0F44E-44D6-4892-8798-B642A3F2952C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [146816 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {7FDE0365-9933-411B-AAFA-D3895D9E9ABA} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {8B9156E9-2615-4B66-B650-22894ADBF49A} - System32\Tasks\App Explorer => C:\Users\vmvla\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7823408 2022-01-26] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {9B1EA8F7-4593-4B3A-BB0A-A847C7C865FC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {9F399870-221E-42D2-BD7E-457E97147977} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A05EFD17-64CC-4A50-9A6C-1E98CB3A79AB} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {A3A2817B-E4F4-4AE7-8F0F-039F91B94F8F} - System32\Tasks\DragonStart => C:\Program Files (x86)\Realtek\Dragon\Dragon.exe [1685800 2020-03-20] (Realtek Semiconductor Corp. -> )
Task: {A83A0182-6D6B-49A8-B44A-6BA7CAD0F34B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {A9CEB73B-5B99-46F2-AB46-6B1BEA92183D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144256 2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD9DA0E3-5C99-49E8-929B-0F18C18B025E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-07] (Google LLC -> Google LLC)
Task: {B09A055F-C8FA-4FF5-A66C-513022C8B64C} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {C2066F47-F426-41E7-8064-46FBC51A232F} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {C5B4934E-C742-43F3-A2A0-9DD3B58E58B8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {C91C73F2-7BB0-4D62-9759-9AF9E38DB397} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {DA5D54F6-97DA-44F2-A590-4BB17400512B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308528 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E345103E-C907-4DF4-AC2A-8565C4D98863} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-08-07] (Acer Incorporated -> Acer Incorporated)
Task: {F6B3D4FE-88D2-4DE7-8313-CB055AF72D26} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F74BB1F8-6540-46EF-8B25-EF1602691B34} - System32\Tasks\AcerCMUpdateTask2.1.20250 => C:\Program Files (x86)\Acer\Amundsen\2.1.20250\AWC.exe [153128 2020-09-02] (Acer Incorporated -> )
Task: {FF4DB380-0B0A-46D9-9E4B-C77E3697BF10} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-08-07] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => E:\ccleaner\CCleanerBugReport.exe
Task: C:\Windows\Tasks\DragonStart.job => C:\Program Files (x86)\Realtek\Dragon\Dragon.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d4c1ba70-8024-4eef-824c-446c36595b1c}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\vmvla\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-15]

FireFox:
========
FF DefaultProfile: g6k9w1r3.default
FF ProfilePath: C:\Users\vmvla\AppData\Roaming\Mozilla\Firefox\Profiles\g6k9w1r3.default [2022-02-05]
FF ProfilePath: C:\Users\vmvla\AppData\Roaming\Mozilla\Firefox\Profiles\u6oh12tu.default-release [2022-12-15]
FF Extension: (Amazon Assistant) - C:\Users\vmvla\AppData\Roaming\Mozilla\Firefox\Profiles\u6oh12tu.default-release\Extensions\abb-acer@amazon.com.xpi [2022-10-16] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\vmvla\AppData\Roaming\Mozilla\Firefox\Profiles\u6oh12tu.default-release\Extensions\langpack-sk@firefox.mozilla.org.xpi [2022-10-16]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\vmvla\AppData\Roaming\Mozilla\Firefox\Profiles\u6oh12tu.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-10-08]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Slovak (SK) Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-sk@firefox.mozilla.org.xpi [2020-09-15]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2022-10-16] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default [2021-10-12]
CHR Extension: (Prezentácie) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-07]
CHR Extension: (Dokumenty) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-07]
CHR Extension: (Disk Google) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-07]
CHR Extension: (YouTube) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-07]
CHR Extension: (Tabuľky) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-07]
CHR Extension: (Gmail) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-07]
CHR Profile: C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-10-07]
CHR Profile: C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-12-15]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR Extension: (WOT Website Security & Privacy Protection) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-12-08]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-12-07]
CHR Extension: (Avast Passwords) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-10-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-30]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-01]
CHR Extension: (QuickClean) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcdeoflfbkpmebldjfkemfhjomgjipgn [2021-10-07]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-12-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-07]
CHR Profile: C:\Users\vmvla\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R3 aswbIDSAgent; E:\avast\aswidsagent.exe [8550808 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; E:\avast\AvastSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; E:\avast\afwServ.exe [2038168 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; E:\avast\aswToolsSvc.exe [597400 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; E:\avast\wsc_proxy.exe [56912 2021-11-11] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\108.0.19614.101\elevation_service.exe [1794048 2022-12-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12544456 2022-12-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DtsApo4Service; C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe [201376 2020-10-18] (DTS, Inc. -> DTS Inc.)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [File not signed]
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.)
S3 Origin Client Service; E:\origin\OriginClientService.exe [2579264 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\origin\OriginWebHelperService.exe [3497800 2022-11-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [862248 2020-04-16] (Acer Incorporated -> Acer Incorporated)
S3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [326184 2020-08-10] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvae.inf_amd64_fdabed922efb6704\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvae.inf_amd64_fdabed922efb6704\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229208 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391272 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297832 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95960 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39648 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [267888 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [555560 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80376 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852000 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [695496 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212632 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [318456 2022-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\Windows\system32\DRIVERS\rtf64x64.sys [70560 2018-09-03] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-15 11:37 - 2022-12-15 11:37 - 000029827 _____ C:\Users\vmvla\Desktop\FRST.txt
2022-12-15 11:35 - 2022-12-15 11:35 - 002375680 _____ (Farbar) C:\Users\vmvla\Desktop\FRST64.exe
2022-12-15 10:55 - 2022-12-15 10:55 - 000000000 ___HD C:\$WinREAgent
2022-12-13 17:31 - 2022-12-13 17:31 - 000273816 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2022-12-13 17:31 - 2022-12-13 17:31 - 000212632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2022-12-12 18:00 - 2022-12-12 18:00 - 000065202 _____ C:\Users\vmvla\AppData\Local\recently-used.xbel
2022-11-23 08:48 - 2022-11-23 08:48 - 000000000 ____D C:\Users\vmvla\AppData\Local\ToastNotificationManagerCompat
2022-11-20 09:34 - 2022-11-20 09:34 - 000000000 ____D C:\Program Files (x86)\Windows Kits
2022-11-20 09:34 - 2022-11-20 09:34 - 000000000 ____D C:\Program Files (x86)\Microsoft GameInput
2022-11-17 15:04 - 2022-11-17 16:52 - 2002545718 _____ C:\Users\vmvla\Desktop\Na palube jednorozce cz 2001 (fantasy) (720x576).avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-15 11:37 - 2022-06-23 10:25 - 000000000 ____D C:\FRST
2022-12-15 11:27 - 2022-09-21 08:23 - 000002930 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-12-15 11:27 - 2022-09-21 08:23 - 000000648 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-12-15 11:27 - 2021-12-11 19:17 - 000003054 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3987471142-46148360-586981681-1001
2022-12-15 11:27 - 2021-11-24 19:59 - 000003440 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2022-12-15 11:27 - 2021-11-24 19:59 - 000003216 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2022-12-15 11:27 - 2021-11-24 19:58 - 000002960 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-12-15 11:27 - 2021-11-24 19:58 - 000002220 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - vmvla
2022-12-15 11:27 - 2021-10-07 13:01 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-12-15 11:27 - 2021-10-07 13:01 - 000003162 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-12-15 11:27 - 2021-10-07 12:54 - 000002850 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3987471142-46148360-586981681-1001
2022-12-15 11:27 - 2021-07-30 05:48 - 000003560 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-12-15 11:27 - 2021-07-30 05:48 - 000003336 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-15 11:27 - 2021-07-30 05:47 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-12-15 11:07 - 2022-04-22 14:04 - 000000000 ____D C:\Users\vmvla\AppData\Roaming\discord
2022-12-15 11:05 - 2021-11-11 18:51 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-12-15 11:00 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-15 10:59 - 2021-11-29 20:49 - 000000000 ____D C:\ProgramData\Origin
2022-12-15 10:54 - 2022-01-02 18:59 - 000000000 ____D C:\Program Files\dotnet
2022-12-15 10:54 - 2021-10-12 11:11 - 000000000 ____D C:\Windows\system32\MRT
2022-12-15 10:54 - 2021-07-30 05:52 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-15 10:53 - 2021-10-12 11:11 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-15 10:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-12-15 10:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-12-15 10:48 - 2022-04-22 14:04 - 000000000 ____D C:\Users\vmvla\AppData\Local\Discord
2022-12-15 10:47 - 2021-11-29 20:49 - 000000000 ____D C:\Users\vmvla\AppData\Local\Origin
2022-12-15 10:47 - 2021-10-07 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-15 10:47 - 2021-10-07 12:54 - 000000000 ___RD C:\Users\vmvla\OneDrive
2022-12-15 10:47 - 2021-07-30 05:54 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-14 22:42 - 2021-10-07 12:38 - 000000000 ____D C:\Users\vmvla
2022-12-14 22:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-14 20:29 - 2021-11-24 19:59 - 000002403 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2022-12-14 20:29 - 2021-11-24 19:59 - 000002368 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2022-12-14 20:29 - 2021-11-24 19:59 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2022-12-14 18:19 - 2021-07-30 05:56 - 000840598 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-14 18:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-12-14 18:12 - 2021-10-09 06:47 - 000000000 ____D C:\Windows\Minidump
2022-12-14 18:12 - 2021-07-30 05:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-14 18:12 - 2021-07-30 05:47 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-14 18:12 - 2021-07-25 09:45 - 003963397 ____N C:\Windows\Minidump\121422-14000-01.dmp
2022-12-14 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-12-14 18:05 - 2021-10-07 13:43 - 000000000 ____D C:\Users\vmvla\AppData\Roaming\paradox-launcher-v2
2022-12-14 15:33 - 2021-10-07 12:53 - 000000000 ____D C:\Users\vmvla\AppData\Local\D3DSCache
2022-12-14 10:29 - 2021-12-30 11:33 - 000000000 ____D C:\Users\vmvla\AppData\Roaming\GitHub Desktop
2022-12-14 09:50 - 2021-10-07 13:01 - 000002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-14 09:50 - 2021-10-07 13:01 - 000002222 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-13 19:01 - 2021-12-22 16:54 - 000000000 ____D C:\Users\vmvla\AppData\Local\babl-0.1
2022-12-13 17:32 - 2021-11-11 18:50 - 000391272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000852000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000695496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000555560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000318456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000297832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000267888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000229208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000095960 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000080376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000039648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2022-12-13 17:31 - 2021-11-11 18:50 - 000003932 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-12-13 17:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-12-13 09:30 - 2021-10-07 12:38 - 000002367 _____ C:\Users\vmvla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-12 18:00 - 2021-12-22 17:18 - 000000000 ____D C:\Users\vmvla\AppData\Local\gtk-2.0
2022-12-12 12:29 - 2022-02-13 19:49 - 000000000 ____D C:\Users\vmvla\AppData\Roaming\RenPy
2022-12-11 18:54 - 2021-11-11 18:52 - 000000000 ____D C:\Users\vmvla\AppData\Local\Avast Software
2022-12-11 09:26 - 2022-04-22 14:04 - 000002227 _____ C:\Users\vmvla\Desktop\Discord.lnk
2022-12-10 19:45 - 2021-07-30 05:48 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-10 13:43 - 2021-07-30 06:26 - 000000000 ____D C:\Program Files\Microsoft Office
2022-11-26 18:07 - 2021-11-29 20:49 - 000000000 ____D C:\Users\vmvla\AppData\Roaming\Origin
2022-11-20 09:34 - 2022-10-20 20:19 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\xgamehelper.exe
2022-11-20 09:34 - 2022-10-20 20:19 - 000067064 _____ (Microsoft Corporation) C:\Windows\system32\xgamecontrol.exe
2022-11-20 09:34 - 2021-11-19 19:36 - 000165368 _____ (Microsoft Corporation) C:\Windows\system32\gamelaunchhelper.dll
2022-11-20 09:34 - 2021-10-07 13:11 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\gamingtcuihelpers.dll
2022-11-20 09:34 - 2021-10-07 13:09 - 002815440 _____ (Microsoft Corporation) C:\Windows\system32\xgameruntime.dll
2022-11-20 09:34 - 2021-10-07 13:09 - 000460240 _____ (Microsoft Corporation) C:\Windows\system32\gameplatformservices.dll
2022-11-20 09:34 - 2021-10-07 13:09 - 000243192 _____ (Microsoft Corporation) C:\Windows\system32\gamingservicesproxy.dll
2022-11-20 09:34 - 2021-10-07 13:09 - 000198136 _____ (Microsoft Corporation) C:\Windows\system32\gameconfighelper.dll

==================== Files in the root of some directories ========

2022-12-12 18:00 - 2022-12-12 18:00 - 000065202 _____ () C:\Users\vmvla\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by vmvla (15-12-2022 11:37:55)
Running from C:\Users\vmvla\Desktop
Microsoft Windows 10 Home Version 21H2 19044.2251 (X64) (2021-10-07 11:26:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3987471142-46148360-586981681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3987471142-46148360-586981681-503 - Limited - Disabled)
Guest (S-1-5-21-3987471142-46148360-586981681-501 - Limited - Disabled)
vmvla (S-1-5-21-3987471142-46148360-586981681-1001 - Administrator - Enabled) => C:\Users\vmvla
WDAGUtilityAccount (S-1-5-21-3987471142-46148360-586981681-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security Ultra (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000020250}) (Version: 2.1.20250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
App Explorer (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Host App Service) (Version: 0.273.4.386 - SweetLabs) <==== ATTENTION
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 22.12.6044 - Avast Software)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 108.0.19614.101 - Autori prehliadača CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
Discord (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Discord) (Version: 1.0.9004 - Discord Inc.)
Dragon (HKLM-x32\...\{3C8FA4F4-8471-4C60-9002-9B9F78B7B483}) (Version: 4 - Realtek)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{A28339C8-E641-4CCE-A316-56F405D1C245}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ExpressVPN (HKLM-x32\...\{878F6EB4-73BF-4A1E-9A92-6DDF9EDC8A8B}) (Version: 2.3.21102.1 - Acer)
Genshin Impact (HKLM\...\Genshin Impact) (Version: 2.20.2.0 - miHoYo Co.,Ltd)
GIMP 2.10.30 (HKLM\...\GIMP-2_is1) (Version: 2.10.30 - The GIMP Team)
GitHub Desktop (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\GitHubDesktop) (Version: 3.1.2 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 108.0.5359.100 - Google LLC)
GoTrust ID Plugin 2.0.12.36 (HKLM\...\GoTrust ID Plugin) (Version: 2.0.12.36 - GoTrust ID Inc.)
Intel(R) Chipset Device Software (HKLM\...\{06D713D6-9845-436D-B857-5BF2596B4554}) (Version: 10.1.18634.8254 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{99926fb7-5da9-4101-b79f-eec3674ca64b}) (Version: 10.1.18634.8254 - Intel(R) Corporation)
Intel(R) LMS (HKLM\...\{A0983640-26D2-4CD8-A512-747BF3CF3F82}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2101.15.0.2080 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{21468D61-6A78-4358-B346-F4D37C6D55CC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{788371EA-0B02-40AD-85D0-21BE107E3628}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{2F171580-9C56-4A25-A5D5-CBBAA025BFA6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Microsoft .NET Core Host - 3.1.32 (x64) (HKLM\...\{8A8E3A04-83BC-4CDE-9259-893B666C1AB1}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Host FX Resolver - 3.1.32 (x64) (HKLM\...\{ABC6B3C2-1A8D-4C5E-AC16-C2AE44F02743}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft .NET Core Runtime - 3.1.32 (x64) (HKLM\...\{A741B803-3F0E-4684-81EF-FC128D15A92C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.15831.20190 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 108.0.1462.46 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\OneDriveSetup.exe) (Version: 22.238.1114.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM\...\{5BEE5F3E-4D78-4DE8-A8F3-36D3E9D8868C}) (Version: 24.192.31915 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 3.1.32 (x64) (HKLM-x32\...\{0eddeab6-01c1-4cf7-83ba-164ea8974c90}) (Version: 3.1.32.31915 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 105.0.3 (x64 en-US)) (Version: 105.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 80.0.1 - Mozilla)
NitroSense Service (HKLM\...\{9089CCF1-ABBE-4271-A0F0-5119BF339A83}) (Version: 3.00.3008 - Acer Incorporated)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Grafický ovládač 472.80 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.80 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.20.0221 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.20.0221 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15831.20184 - Microsoft Corporation) Hidden
OptaneDowngradeGuard (HKLM\...\{86B0E6C1-32E0-42CC-BC4F-BF3C0730CECB}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.116.52126 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{E68BBC18-9E69-436B-B20F-E294DE62ECAB}) (Version: 2.3.0 - Paradox Interactive)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.45.928.2020 - Realtek)
RstDowngradeGuard (HKLM\...\{13C2A26E-7AD4-4D82-BB4F-DEA6E871B958}) (Version: 18.0.0.0 - Intel Corporation) Hidden
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
User Experience Improvement Program Service (HKLM\...\{323EA05D-046D-449D-9D7C-89243C957CCE}) (Version: 5.00.3002 - Acer Incorporated)
Windows Kontrola stavu počítača (HKLM\...\{8D6B9DC1-A437-41E0-8DF1-9F37748394AE}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3040.0_x64__48frkmn4z8aw4 [2022-10-12] (Acer Incorporated)
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-01] (Microsoft Corporation)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-01-12] (Acer Incorporated)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.4.0_x64__xbfy0k16fey96 [2022-12-11] (Dropbox Inc.)
DTS Sound Unbound -> C:\Program Files\WindowsApps\DTSInc.DTSSoundUnbound_2022.4.2.0_x64__t5j2fzbtdg37r [2022-12-11] (DTS, Inc.)
DTS:X Ultra -> C:\Program Files\WindowsApps\DTSInc.DTSXUltra_1.11.7.0_x64__t5j2fzbtdg37r [2022-09-10] (DTS, Inc.)
File Viewer Plus 4 -> C:\Program Files\WindowsApps\SharpenedProductions.FileViewerPlus4_4.2.1.0_x86__xkt78gamzntbr [2022-10-08] (Sharpened Productions)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2021-10-10] (GoTrustID Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2022-10-17] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2022-11-12] (LinkedIn)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1710.29.105.0_x64__8xx8rvfyw5nnt [2022-12-09] (Meta) [Startup Task]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.11010.438.0_x64__8wekyb3d8bbwe [2022-10-20] (Microsoft Corporation)
NitroSense_DT_V30 -> C:\Program Files\WindowsApps\AcerIncorporated.NitroSenseDTV30_3.0.3008.0_x64__48frkmn4z8aw4 [2021-10-07] (Acer Incorporated)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2021-10-07] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2021-10-07] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-13] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.23.242.0_x64__dt26b99r8h8gj [2021-10-07] (Realtek Semiconductor Corp)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-09] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0 [2022-12-09] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.2.0_x86__3h5nez1g3qt2c [2022-08-19] (GT Office PDF Studio)
User Experience Improvement Program V5 -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgramV_5.0.3002.0_x64__48frkmn4z8aw4 [2021-10-07] (Acer Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\winrar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\winrar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Windows\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_fac18e2da6ec7b25\OptaneShellExt.dll [2020-12-16] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvae.inf_amd64_fdabed922efb6704\nvshext.dll [2022-01-04] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\avast\ashShell.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\winrar\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\winrar\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vmvla\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Sunrise - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2022-11-17 09:50 - 2022-11-10 07:19 - 134859776 _____ () [File not signed] E:\steam\bin\cef\cef.win7x64\libcef.dll
2022-11-17 09:50 - 2022-11-07 11:17 - 000387072 _____ () [File not signed] E:\steam\bin\cef\cef.win7x64\libegl.dll
2022-11-17 09:50 - 2022-11-07 11:17 - 008052736 _____ () [File not signed] E:\steam\bin\cef\cef.win7x64\libglesv2.dll
2021-07-30 06:27 - 2021-07-30 06:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2021-07-30 06:27 - 2021-07-30 06:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2022-11-17 09:50 - 2022-11-07 11:17 - 000992256 _____ (The Chromium Authors) [File not signed] E:\steam\bin\cef\cef.win7x64\chrome_elf.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\origin\LIBEAY32.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\origin\ssleay32.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\origin\platforms\qwindows.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Core.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Gui.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Network.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 000146432 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5WebSockets.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Widgets.dll
2022-11-15 09:33 - 2021-11-29 20:50 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-12-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3987471142-46148360-586981681-1001\Control Panel\Desktop\\Wallpaper -> d:\pictures\pones\eaw\first_light_by_mrscroup-dbxmhql.png
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A5B7461A-FBB9-4306-B8ED-9A818A10E7AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6EFFC052-1FF3-4352-ACF0-3D512AFEB542}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{73810A0C-01DF-4CAC-A433-AA5038F3907B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8A008EB8-3369-430F-844C-BC80BAC9CC9E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A8852AF5-5CE0-4B1F-9DD1-3BA7CD20A215}] => (Allow) E:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5049D98D-A45F-4DF7-A273-AF60027D77EF}] => (Allow) E:\steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DAB3223E-D725-438D-B580-A224E9E69240}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5D2E2BF6-0D33-40B7-860B-F5A6DFF94CAC}] => (Allow) E:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9873C904-AC59-4450-B07D-7D4A10C327C1}] => (Allow) E:\steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{F8543A74-3B7C-4662-B57E-8AC48D918D4F}] => (Allow) E:\steam\steamapps\common\Disco Elysium\disco.exe () [File not signed]
FirewallRules: [{330F6F9B-0BC1-4EBB-BBB5-F6AA41F849B3}] => (Allow) E:\steam\steamapps\common\ChineseParent\game.exe () [File not signed]
FirewallRules: [{525336E5-EEAB-4AF0-B178-EA5133E3D889}] => (Allow) E:\steam\steamapps\common\ChineseParent\game.exe () [File not signed]
FirewallRules: [{886540A7-D848-4185-9E06-FDE3F3D7D764}] => (Allow) E:\steam\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [{D3E7806D-3777-4B38-8DB3-E3C039916F51}] => (Allow) E:\steam\steamapps\common\Armello\armello.exe () [File not signed]
FirewallRules: [{E854E2BB-B8A6-453E-8D25-1295238328E0}] => (Allow) E:\steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{E09E4626-DF48-4EB1-BF42-5663B7A3B33D}] => (Allow) E:\steam\steamapps\common\Stellaris\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{444ACB9F-1036-4EDF-BDDD-3467F6B33559}] => (Allow) E:\steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{545F1F5F-6303-419A-BA36-E3BD90084142}] => (Allow) E:\steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{3BDCA06A-BC62-4205-924E-DE35DFD4FC99}] => (Allow) E:\avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{791894E4-F5F8-4A84-810F-A469CED4D53E}] => (Allow) E:\avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AC8C4E16-9BFD-465B-A3BA-055452DF29E6}] => (Allow) E:\steam\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [{FE291E33-092A-4CE9-93F5-A6F585038871}] => (Allow) E:\steam\steamapps\common\AoE3DE\AoE3DE_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [{0696D62D-A43A-4C02-BCA6-585B8E1B377C}] => (Allow) E:\steam\steamapps\common\AoE3DE\BattleServer.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [{F442A79F-B5E3-4412-A9AC-A662348A478A}] => (Allow) E:\steam\steamapps\common\AoE3DE\BattleServer.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [{05BFD281-6CC1-4F9C-AEE6-258BCCE81C8F}] => (Allow) E:\steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{2428F9FE-78FD-4D81-8868-F1F5254B355E}] => (Allow) E:\steam\steamapps\common\AoE2DE\AoE2DE_s.exe (Wicked Witch Software Pty Ltd -> Microsoft Corporation)
FirewallRules: [{017FF628-EDAF-482B-AA4B-1D240DE5F9FE}] => (Allow) E:\steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{75BD28AF-6356-4A35-826A-D2EB43ED58EE}] => (Allow) E:\steam\steamapps\common\Suzerain\Suzerain.exe () [File not signed]
FirewallRules: [{D7DCDC9C-5057-4B59-9694-BBCE29E14894}] => (Allow) E:\steam\steamapps\common\VA-11 HALL-A\VA-11 Hall A.exe () [File not signed]
FirewallRules: [{38767B56-7CBC-4FA4-BBC2-489312507466}] => (Allow) E:\steam\steamapps\common\VA-11 HALL-A\VA-11 Hall A.exe () [File not signed]
FirewallRules: [{F1723461-B88B-4CE2-8281-0DF5F978A2B9}] => (Allow) E:\steam\steamapps\common\Fate Extella Link\fateextellalink.exe () [File not signed]
FirewallRules: [{00CDDE1D-F227-4D48-AE9E-5C2C7F9E1E99}] => (Allow) E:\steam\steamapps\common\Fate Extella Link\fateextellalink.exe () [File not signed]
FirewallRules: [{B2A8985C-2561-48BE-9951-EF2ECF899FF6}] => (Allow) E:\steam\steamapps\common\The Life and Suffering of Sir Brante\The Life and Suffering of Sir Brante.exe () [File not signed]
FirewallRules: [{CE76C8E0-0959-4175-B68D-E54C89907B5B}] => (Allow) E:\steam\steamapps\common\The Life and Suffering of Sir Brante\The Life and Suffering of Sir Brante.exe () [File not signed]
FirewallRules: [{BF81F93E-908B-43CD-89D1-970B71A18198}] => (Allow) E:\steam\steamapps\common\Batman The Telltale Series\Batman.exe (Telltale Games) [File not signed]
FirewallRules: [{F40B5142-D59D-4D54-BD55-81CAABC74160}] => (Allow) E:\steam\steamapps\common\Batman The Telltale Series\Batman.exe (Telltale Games) [File not signed]
FirewallRules: [{B0918537-BC09-4E78-8633-F217D5A91856}] => (Allow) E:\steam\steamapps\common\Batman The Enemy Within - The Telltale Series\Batman2.exe (Telltale Games) [File not signed]
FirewallRules: [{5438322D-A385-4748-A100-A6FFB064CA4E}] => (Allow) E:\steam\steamapps\common\Batman The Enemy Within - The Telltale Series\Batman2.exe (Telltale Games) [File not signed]
FirewallRules: [{016C56E3-517D-465A-BF37-6EF8B891E036}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BD811C69-B266-4079-BAAF-1628E8541BB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6AB5C35F-B928-46DF-9679-8317CE4B50D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1575C545-166C-4488-8A28-D37D17BF4278}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{FD36C241-FCEA-4F18-9EEF-57954AEF5CCC}] => (Allow) E:\steam\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [{87C5150D-2591-4694-B672-F4E3573F6D1D}] => (Allow) E:\steam\steamapps\common\OMORI\OMORI.exe (KADOKAWA) [File not signed]
FirewallRules: [{A5AE3EA0-59B5-4635-9C79-41FB7DD8C09E}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (LariLauncher) [File not signed]
FirewallRules: [{C5044E29-BBB8-40FC-A4C8-F7A09EE76CCA}] => (Allow) E:\steam\steamapps\common\Divinity Original Sin 2\bin\SupportTool.exe (LariLauncher) [File not signed]
FirewallRules: [{01CC6CD1-C4DC-4470-A6FD-838B96AE4F37}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFFFF8E0-953C-44D4-9F52-88B0427D6236}] => (Allow) E:\swtor\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> Solid State Networks)
FirewallRules: [{793D29B7-64C3-47E4-936E-EE367E06C1A9}] => (Allow) E:\swtor\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> Solid State Networks)
FirewallRules: [{1DE59337-6445-40B8-B280-9F694ED8032B}] => (Allow) E:\swtor\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> Solid State Networks)
FirewallRules: [{8154691B-E83A-410A-908B-622857C86176}] => (Allow) E:\swtor\Star Wars-The Old Republic\launcher.exe (Electronic Arts, Inc. -> Solid State Networks)
FirewallRules: [{EE05C573-FF3D-43B8-9B28-23DE5E108293}] => (Allow) E:\steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{4A04CA5A-F5D1-4693-8ED9-2210536D78BF}] => (Allow) E:\steam\steamapps\common\Hearts of Iron IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{3057FAA4-2A7F-439E-B879-55D3830D42A3}] => (Allow) E:\steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{A4BA304F-55C3-4023-9BB7-C3BA1262808A}] => (Allow) E:\steam\steamapps\common\Hearts of Iron IV\hoi4.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F27E6064-FD86-478A-8631-67D0F6A7AF3C}] => (Allow) E:\steam\steamapps\common\Tokyo Dark\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{C844B9C2-9F36-447F-B69E-63D1B2EB2ADE}] => (Allow) E:\steam\steamapps\common\Tokyo Dark\nw.exe (The NWJS Community) [File not signed]
FirewallRules: [{0B72F93A-4C90-4F0D-A840-B9FFE1E06927}] => (Allow) E:\steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{4C136331-8352-4269-B5DC-B047705D2404}] => (Allow) E:\steam\steamapps\common\LongLiveTheQueen\LongLiveTheQueen.exe () [File not signed]
FirewallRules: [{0C30C081-DF5C-49F6-A17A-64F7294900DE}] => (Allow) E:\steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{BB303BE8-AB95-46C9-9B89-933E8DEA9AE0}] => (Allow) E:\steam\steamapps\common\Europa Universalis IV\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{6C533B03-7CC5-45AD-B62A-B0375FCD5036}] => (Allow) E:\steam\steamapps\common\The Heroic Legend Of Eagarlnia\Eagarlnia.exe () [File not signed]
FirewallRules: [{339E568C-7F73-47E7-996D-7D4DE082FD80}] => (Allow) E:\steam\steamapps\common\The Heroic Legend Of Eagarlnia\Eagarlnia.exe () [File not signed]
FirewallRules: [{544AE6B5-A7CB-4F09-826C-B36AEB6E7FBD}] => (Allow) E:\steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{CA60F9C1-5A45-4778-B108-C58586E9BA2A}] => (Allow) E:\steam\steamapps\common\Banner of the Maid\banner.exe () [File not signed]
FirewallRules: [{695F06AF-3D5A-41EA-8A47-78B3895346D3}] => (Allow) E:\steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{181CC7B8-5DF4-436C-97A7-AC6825FDEFBC}] => (Allow) E:\steam\steamapps\common\Victoria 2\victoria2.exe () [File not signed]
FirewallRules: [{4DA05CB7-2A76-4E96-AE3D-971D5EE1F912}] => (Allow) E:\steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{F5382427-04F3-4067-ACD6-1EBB20C3E919}] => (Allow) E:\steam\steamapps\common\Crusader Kings II\CK2game.exe (Paradox Interactive AB (publ) -> Paradox Interactive)
FirewallRules: [{D45C85B0-37BD-49CD-84E1-1472E763DA04}] => (Allow) E:\steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{1C82189A-E9E4-4D86-B9DC-14EBDB184B9A}] => (Allow) E:\steam\steamapps\common\Total War THREE KINGDOMS\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{78C4FF32-3B51-45EE-9F19-C74EB1996A54}] => (Allow) E:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{4887D6A4-0375-4451-ABB1-8D1EF0A4C098}] => (Allow) E:\steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{0D23DB35-6950-46DC-B64E-76E639C7171A}] => (Allow) E:\steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{633FE468-6D44-44D9-8E66-B3F9FDFEFAA0}] => (Allow) E:\steam\steamapps\common\Total War WARHAMMER III\launcher\launcher.exe (The Creative Assembly Ltd -> Creative Assembly Ltd)
FirewallRules: [{2378DA9F-86BC-4867-88CE-36E30A6430D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{546E1E3C-DC36-4964-8A63-C1D4AB9D0E6A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D8AF0247-050D-402A-A10E-095FA41962BC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2BA650D2-E95E-43B9-9081-A20870C95974}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{45291AAE-23F3-4F3D-8DD7-2D5A81C1DAA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6DC57E7-37C9-4651-94EC-D240C1A81B07}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{10B2BEE0-BEA0-496F-97AD-8FC2911A7994}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C31FBC63-8726-4068-9780-FA3D84415606}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.200.1165.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D995D41E-3D0C-4B82-9DD8-DCED6249AEB0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\108.0.1462.46\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19539776-1809-419D-BAEB-C018100E312E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{37369104-F809-451B-9B17-DD100836ED70}] => (Allow) E:\steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{B7C6B966-16AA-428C-873D-F2EB68496AC8}] => (Allow) E:\steam\steamapps\common\Crusader Kings III\launcher\dowser.exe (Paradox Interactive AB (publ) -> )
FirewallRules: [{BB43CAA1-2739-46BB-9573-B9054A18015B}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{BA4497FD-A663-47DA-A450-C9FF1377AB2D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{00BE35EC-BE34-492A-80C8-8138CA3ADA70}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3EDCE4CC-19AB-4261-A9B7-32DECD264B23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FA60D526-5515-46FA-8D7C-C47193BC3CA9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.92.3204.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

10-11-2022 09:07:44 Inštalátor modulov systému Windows
06-12-2022 12:42:10 Scheduled Checkpoint
15-12-2022 10:54:55 Inštalátor modulov systému Windows
15-12-2022 10:55:13 Inštalátor modulov systému Windows
15-12-2022 10:56:08 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2022 09:16:24 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {B2192729-805F-4665-BD63-F3683CE6A394}

Error: (12/14/2022 09:13:31 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {25A971DB-4BB8-4675-8DDC-716CE960965A}

Error: (12/14/2022 09:11:46 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {E8DC35E7-F0B0-4796-BA2B-F686875B30A5}

Error: (12/14/2022 09:11:32 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {00B239A6-AFD6-4780-A2AB-7AF873CA2501}

Error: (12/14/2022 09:09:48 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {729C4222-B315-433D-8CCB-830CFE1562B6}

Error: (12/14/2022 09:09:37 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {5DE1978F-52C9-4A3E-A5CD-9173C7AC838D}

Error: (12/14/2022 09:09:31 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {BBDD0873-99D5-4E0B-8023-27E56936F314}

Error: (12/14/2022 09:09:13 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {7F5CC65C-1FB7-4A73-B7F0-AED92320CBA0}


System errors:
=============
Error: (12/14/2022 06:12:23 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x000000ef (0xffff9e02a8427080, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000). Výpis sa uložil do súboru: C:\Windows\Minidump\121422-14000-01.dmp. Identifikácia hlásenia: 73630475-2141-4ce0-abf6-4d4689000332.

Error: (12/14/2022 06:12:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:05:47 on ‎14. ‎12. ‎2022 was unexpected.

Error: (12/13/2022 12:28:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VIJ0913)
Description: The server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} did not register with DCOM within the required timeout.

Error: (12/13/2022 12:26:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VIJ0913)
Description: The server {F53321FA-34F8-4B7F-B9A3-361877CB94CF} did not register with DCOM within the required timeout.

Error: (12/02/2022 09:48:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Steam Client Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/02/2022 09:48:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Steam Client Service bol dosiahnutý časový limit (30000 ms).

Error: (11/28/2022 08:47:06 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VIJ0913)
Description: The server Microsoft.MicrosoftOfficeHub_18.2210.1203.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXvhez9tbpytkh6zv5q0bx5fj12yay14wg.mca did not register with DCOM within the required timeout.

Error: (11/26/2022 05:15:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_257f2a70 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


CodeIntegrity:
===============
Date: 2022-12-15 10:49:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume6\avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-12-14 18:13:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume6\avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. R01-A1 03/18/2021
Motherboard: Acer Nitro N50-620
Processor: 11th Gen Intel(R) Core(TM) i5-11400F @ 2.60GHz
Percentage of memory in use: 54%
Total physical RAM: 16237.42 MB
Available physical RAM: 7407.78 MB
Total Virtual: 32621.42 MB
Available Virtual: 21607.02 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:475.83 GB) (Free:282.92 GB) (Model: HFM512GD3JX016N) NTFS
Drive d: (TARDIS 1TB) (Fixed) (Total:931.28 GB) (Free:203.91 GB) (Model: ADATA HD710 USB Device) FAT32
Drive e: (Data) (Fixed) (Total:931.5 GB) (Free:305.31 GB) (Model: ST1000DM010-2EP102) NTFS

\\?\Volume{a8c64fba-b96a-49b8-a65d-b79c8d31cc2e}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{79396bdc-529d-4483-a4fb-057b15abba23}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 6969DB2B)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 62132B02)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CD108301)
Partition 1: (Active) - (Size=931.5 GB) - (Type=FAT32)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: preventive check

#2 Post by JaRon »

Hi,
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}

It is not good to have two working AVs; uninstall one of them
+
clean the PC with ADWCleaner
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Slovak
Visitor
Posts: 78
Registered: 20 Dec 2014 18:42

Re: preventive check

#3 Post by Slovak »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-15-2022
# Duration: 00:00:01
# OS: Windows 10 (Build 19044.2251)
# Cleaned: 16
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Users\vmvla\AppData\Local\Host App Service

***** [ Files ] *****

Deleted C:\END
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B9156E9-2615-4B66-B650-22894ADBF49A}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C

***** [ Chromium (and derivatives) ] *****

Deleted acklnhgjphbhhomkneonohbjnbmkclfb

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted Amazon Assistant - abb-acer@amazon.com

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5432 octets] - [15/12/2022 12:11:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


But first of all, I don't see that Norton anywhere, neither by searching the system nor through CCleaner.

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: preventive check

#4 Post by JaRon »

quote:
Creating a fixlist for FRST
• Open Notepad (Start - Run - notepad)
• Copy the script >>

Code:
Start
CloseProcesses:
CreateRestorePoint:
AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security Ultra (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
App Explorer (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Host App Service) (Version: 0.273.4.386 - SweetLabs) <==== ATTENTION


EmptyTemp:
Reboot:
End
• Save the created TXT file as fixlist.txt
• Move the created fixlist next to FRST

→ Run FRST.exe again
• Click Fix
• The fix will run and create the log Fixlog.txt

→ Restart the PC and post the fixlog.txt here

Slovak
Visitor
Posts: 78
Registered: 20 Dec 2014 18:42

Re: preventive check

#5 Post by Slovak »

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-12-2022
Ran by vmvla (15-12-2022 12:57:14) Run:1
Running from C:\Users\vmvla\Desktop
Loaded Profiles: vmvla
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}
FW: Norton Security Ultra (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
App Explorer (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Host App Service) (Version: 0.273.4.386 - SweetLabs) <==== ATTENTION


EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"AV: Norton Security Ultra (Enabled - Up to date) {9E3FD331-C4C2-7AC4-0537-131EEF1B1F8A}" => removed successfully
"FW: Norton Security Ultra (Enabled) {A6045214-8EAD-7B9C-2E68-BA2B11C858F1}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
App Explorer (HKU\S-1-5-21-3987471142-46148360-586981681-1001\...\Host App Service) (Version: 0.273.4.386 - SweetLabs) <==== ATTENTION => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 224365355 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 659864856 B
Windows/system/drivers => 13280838 B
Edge => 0 B
Chrome => 852610386 B
Firefox => 111390364 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 474888 B
NetworkService => 482506 B
vmvla => 329424084 B

RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:59:42 ====

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: preventive check

#6 Post by JaRon »

and it may well be clean as a mountain stream :D

Slovak
Visitor
Posts: 78
Registered: 20 Dec 2014 18:42

Re: preventive check

#7 Post by Slovak »

Thank you very much

JaRon
Moderator
Posts: 15214
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: preventive check

#8 Post by JaRon »

You're welcome :thumbsup:
