Stolen Discord account

PredyP
Model visitor
Posts: 1227
Registered: 24 May 2007 21:52
Location: East Bohemia

#1 Post by PredyP »

Please check this; someone stole my daughter's Discord account.
Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2023
Ran by prede (administrator) on DESKTOP-D5FU0IC (LENOVO 82B3) (02-03-2023 19:39:48)
Running from C:\Users\prede\OneDrive\Plocha
Loaded Profiles: prede
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <6>
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\prede\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Discord Inc. -> Discord Inc.) C:\Users\prede\AppData\Local\Discord\app-1.0.9011\Discord.exe <6>
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_cd446641b2a10fd9\LenovoUtilityService.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_cd446641b2a10fd9\FnHotkeyUtility.exe
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c98d5e0dfc88ac2f\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_cd446641b2a10fd9\LenovoUtilityService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(Spotify AB) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe <6>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\prede\AppData\Local\Microsoft\OneDrive\23.033.0212.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1084704 2020-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32823248 2023-03-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [MicrosoftEdgeAutoLaunch_8D8358F69C65887A7652BC79253FD377] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-02-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-02-03] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Discord] => C:\Users\prede\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\MountPoints2: {65b6c973-48b6-11ec-a27e-841b77978b9f} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3C1C047A-D719-4845-9AB4-97074E7A3711} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {406472C1-F9DB-4A9B-B42A-93F8038912E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A0B94A2-DF5F-48BC-A23C-5B4C4D223B5E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F596CA5-1283-4F2C-B2A5-A3B62DBAD087} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {770A7C0A-C464-479C-B3A0-8FCD39D46829} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B60BE3-D155-46FA-A64D-9406B51AADC5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B413D16-EC47-4BCC-A11E-D45B56E204B9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0B98B1E-A7FE-4B54-AD48-25A39761AEDE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A2B43ED0-C5E8-426C-8695-D0B852175DDA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B37AB43E-47A1-4260-849A-E139A91F5E23} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4867992 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
Task: {C022C212-5889-448A-8D0B-A46FEDF662F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {CEF0A94B-202E-4414-A29B-1EA869791D68} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001 => C:\Users\prede\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2022-10-19] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {E6E4A91B-1534-4CB6-A4C7-2E9185CC1E41} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E8925BE8-F2A8-418F-A4F5-3CB3514E44DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {F04D0839-E657-457E-A3B6-05145759FBB7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF638C8D-1EFE-401A-97E3-9CA51FEC9EC8} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{668a8c6c-7b8c-4b02-bbe8-edc5d131d167}: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{a35a8c51-4bf9-47e1-9a15-f2791e77e1d7}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-02]
Edge DownloadDir: Default -> C:\Users\prede\OneDrive\Plocha
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://google.cz/
Edge StartupUrls: Default -> "hxxp://google.cz/"

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2065304 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-31] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-12-18] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-02-19] (Epic Games Inc. -> Epic Games, Inc.)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_cd446641b2a10fd9\LenovoUtilityService.exe [279264 2023-01-13] (Lenovo -> Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16119104 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [363008 2023-01-25] (Twitch Interactive, Inc. -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31392 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [231800 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391264 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297848 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95928 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39600 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268448 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [556080 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105216 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80392 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [696016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212632 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-02 19:39 - 2023-03-02 19:39 - 000000000 ____D C:\FRST
2023-03-02 17:05 - 2023-03-02 19:16 - 000000000 ____D C:\Users\prede\AppData\Local\Discord
2023-03-02 17:05 - 2023-03-02 17:05 - 083185944 _____ (Discord Inc.) C:\Users\prede\DiscordSetup.exe
2023-03-02 16:48 - 2023-03-02 16:48 - 000418905 _____ C:\Users\prede\AppData\Roaming\cookies.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000068996 _____ C:\Users\prede\AppData\Roaming\autofilldata.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000002686 _____ C:\Users\prede\AppData\Roaming\passwords.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000146 _____ C:\Users\prede\AppData\Roaming\creditcards.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000000 ____D C:\Users\prede\AppData\Roaming\findthehidden
2023-03-01 16:08 - 2023-03-01 16:08 - 000000000 ____D C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2023-03-01 16:08 - 2023-03-01 16:08 - 000000000 ____D C:\Program Files (x86)\DroidCam
2023-02-24 18:55 - 2023-02-24 18:55 - 000000000 ____D C:\PaintToolSAI
2023-02-18 16:22 - 2023-02-18 16:22 - 000000000 ____D C:\Users\prede\AppData\Local\VALORANT
2023-02-17 14:26 - 2023-02-17 14:26 - 002187349 _____ C:\Users\prede\OneDrive\Documents\transition.aep.webm
2023-02-15 15:48 - 2023-02-15 15:48 - 000000000 ___HD C:\$WinREAgent
2023-02-15 10:23 - 2023-02-15 10:23 - 000288664 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-02-10 09:34 - 2023-02-10 09:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2023-02-10 00:15 - 2023-02-24 18:55 - 000000620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk
2023-02-10 00:15 - 2023-02-10 00:15 - 002470500 _____ C:\Users\prede\Downloads\painttool-sai-1.2.5-installer.exe
2023-02-10 00:15 - 2023-02-10 00:15 - 000000000 ____D C:\Users\prede\AppData\Roaming\SYSTEMAX Software Development
2023-02-10 00:15 - 2023-02-10 00:15 - 000000000 ____D C:\ProgramData\SYSTEMAX Software Development
2023-02-02 14:22 - 2023-02-15 15:54 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-02 19:34 - 2021-09-01 14:12 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-02 19:27 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-02 19:18 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Roaming\discord
2023-03-02 18:13 - 2021-08-31 19:07 - 000000000 ____D C:\Users\prede\AppData\Local\D3DSCache
2023-03-02 17:50 - 2021-11-12 16:52 - 000000000 ____D C:\ProgramData\Origin
2023-03-02 17:47 - 2022-03-11 18:14 - 000000000 ____D C:\Users\prede\AppData\Local\Battle.net
2023-03-02 17:46 - 2021-11-12 16:52 - 000000000 ____D C:\Users\prede\AppData\Local\Origin
2023-03-02 17:18 - 2021-08-31 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-02 17:16 - 2021-08-31 19:09 - 000000000 ___RD C:\Users\prede\OneDrive
2023-03-02 17:06 - 2021-08-31 19:08 - 001693864 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-02 17:06 - 2019-12-07 15:43 - 000719668 _____ C:\Windows\system32\perfh005.dat
2023-03-02 17:06 - 2019-12-07 15:43 - 000145794 _____ C:\Windows\system32\perfc005.dat
2023-03-02 17:06 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-02 17:05 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-03-02 17:05 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Local\SquirrelTemp
2023-03-02 17:05 - 2021-08-31 19:05 - 000000000 ____D C:\Users\prede
2023-03-02 17:01 - 2022-12-07 01:10 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-03-02 16:59 - 2022-10-02 18:57 - 000000000 ____D C:\Program Files\TeamViewer
2023-03-02 16:59 - 2021-09-01 01:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-02 16:59 - 2021-09-01 00:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-02 16:59 - 2021-08-31 19:38 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-02 16:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-03-02 16:58 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-03-02 16:38 - 2021-12-11 00:08 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1812155880-2879728718-321869557-1001
2023-03-02 16:38 - 2021-09-01 01:00 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-02 16:38 - 2021-09-01 01:00 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-02 16:38 - 2021-08-31 20:08 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 19:50 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-02 16:38 - 2021-08-31 19:40 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-03-02 16:38 - 2021-08-31 19:09 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812155880-2879728718-321869557-1001
2023-03-02 15:39 - 2021-09-01 00:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-02 14:52 - 2021-09-01 13:56 - 000000000 ____D C:\ProgramData\Riot Games
2023-03-01 20:36 - 2021-09-01 13:57 - 000000000 ____D C:\Users\prede\AppData\Local\CrashDumps
2023-03-01 20:35 - 2023-01-28 15:50 - 000001608 _____ C:\ProgramData\droidcam-client-options-v2
2023-03-01 20:35 - 2023-01-28 15:50 - 000000401 _____ C:\ProgramData\droidcam-settings
2023-03-01 19:36 - 2023-01-29 12:39 - 000000000 ____D C:\Users\prede\AppData\Roaming\obs-studio
2023-03-01 16:19 - 2022-03-21 11:54 - 000000000 ____D C:\Users\prede\AppData\Local\ElevatedDiagnostics
2023-03-01 15:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-01 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-01 15:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-28 14:29 - 2021-08-31 19:05 - 000002377 _____ C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-27 14:51 - 2021-09-01 01:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-26 20:15 - 2021-10-03 14:06 - 000000000 ____D C:\Users\prede\AppData\Roaming\vlc
2023-02-26 20:09 - 2022-09-17 10:38 - 000000000 ____D C:\torenty
2023-02-23 20:11 - 2023-01-28 14:33 - 000001871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk
2023-02-23 20:11 - 2022-10-12 13:50 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-23 20:11 - 2022-08-05 18:10 - 000001255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2023-02-23 20:11 - 2021-10-29 13:38 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-02-23 20:11 - 2021-09-01 14:26 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-02-23 20:11 - 2021-09-01 14:04 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2023-02-23 18:27 - 2023-01-28 14:16 - 000000000 ____D C:\twitch
2023-02-22 21:40 - 2022-09-15 18:14 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2023-02-18 16:22 - 2021-09-01 14:26 - 000000000 ____D C:\ProgramData\Epic
2023-02-18 16:21 - 2021-09-01 13:56 - 000000000 ____D C:\Users\prede\AppData\Local\Riot Games
2023-02-16 23:55 - 2021-08-31 19:09 - 000000000 ____D C:\Users\prede\AppData\Local\PlaceholderTileLogoFolder
2023-02-16 23:55 - 2021-08-31 19:07 - 000000000 ____D C:\Users\prede\AppData\Local\Packages
2023-02-16 23:55 - 2021-08-31 19:07 - 000000000 ____D C:\ProgramData\Packages
2023-02-15 15:54 - 2021-08-31 20:06 - 000000000 ____D C:\Windows\TempInst
2023-02-15 15:53 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-15 15:53 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-15 15:51 - 2021-08-31 19:03 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-15 15:02 - 2021-08-31 19:14 - 000000000 ____D C:\Windows\system32\MRT
2023-02-15 15:01 - 2021-08-31 19:14 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-15 10:23 - 2022-09-15 18:14 - 000031392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000852016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000696016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000556080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000391264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000319016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000297848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000268448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000231800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000105216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000095928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000080392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000039600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-02-15 10:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-02-11 20:07 - 2023-01-29 20:04 - 000000000 ____D C:\Users\prede\AppData\Local\osu!
2023-02-10 22:40 - 2021-08-31 20:06 - 000000000 ____D C:\ProgramData\Lenovo
2023-02-10 09:34 - 2022-04-01 13:31 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-02-10 09:34 - 2021-09-03 08:34 - 000001921 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2023-02-10 09:34 - 2021-08-31 20:06 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2023-02-09 22:27 - 2021-11-12 16:53 - 000000000 ____D C:\Program Files (x86)\Origin
2023-02-05 05:55 - 2022-03-20 13:58 - 000000000 ____D C:\Users\prede\AppData\Roaming\paradox-launcher-v2
2023-02-04 02:20 - 2022-03-11 18:13 - 000000000 ____D C:\Program Files (x86)\Battle.net
2023-02-04 01:47 - 2021-09-02 18:18 - 000000000 ____D C:\Users\prede\AppData\Roaming\EasyAntiCheat
2023-02-02 14:22 - 2021-08-31 19:40 - 000000000 ____D C:\Program Files\Common Files\Avast Software

==================== Files in the root of some directories ========

2023-03-02 17:05 - 2023-03-02 17:05 - 083185944 _____ (Discord Inc.) C:\Users\prede\DiscordSetup.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000006026 _____ () C:\Program Files\current.btskin
2022-09-17 01:12 - 2022-11-05 21:08 - 000000607 _____ () C:\Program Files\dht.dat
2022-09-17 01:12 - 2022-09-17 01:12 - 000004118 _____ () C:\Program Files\dht.dat.old
2022-09-16 23:41 - 2022-11-05 21:08 - 000000002 _____ () C:\Program Files\dht_feed.dat
2022-09-16 23:41 - 2022-09-17 01:12 - 000000002 _____ () C:\Program Files\dht_feed.dat.old
2022-09-16 23:38 - 2022-09-16 23:37 - 000035362 ____N () C:\Program Files\Pan.prstenu.Prsteny Moci.S01E01.2160p.mkv.torrent
2022-11-05 21:07 - 2022-09-17 01:12 - 000004534 _____ () C:\Program Files\resume.20221105.210736.dat
2022-09-16 23:40 - 2022-11-05 21:08 - 000005014 _____ () C:\Program Files\resume.dat
2022-09-16 23:40 - 2022-09-17 01:12 - 000004534 _____ () C:\Program Files\resume.dat.old
2022-09-17 01:12 - 2022-11-05 21:08 - 000000099 _____ () C:\Program Files\rss.dat
2022-09-17 01:12 - 2022-09-17 01:12 - 000000099 _____ () C:\Program Files\rss.dat.old
2022-09-16 23:36 - 2022-11-05 21:08 - 000012454 _____ () C:\Program Files\settings.dat
2022-09-16 23:36 - 2022-11-05 21:08 - 000012489 _____ () C:\Program Files\settings.dat.old
2022-09-16 23:36 - 2019-11-28 00:00 - 000027702 _____ () C:\Program Files\toolbar.bmp
2022-09-16 23:36 - 2022-02-14 18:00 - 000378160 _____ (Zdenek Svub) C:\Program Files\uninstall.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000189334 _____ () C:\Program Files\utorrent-313-26837.chm
2022-09-16 23:36 - 2022-02-20 20:00 - 000752432 _____ (BitTorrent, Inc.) C:\Program Files\utorrent.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000954701 _____ () C:\Program Files\utorrent.lng
2022-09-16 23:36 - 2019-11-28 00:00 - 000000049 _____ () C:\Program Files\utorrent.url
2022-09-16 23:36 - 2019-11-28 00:00 - 000184498 _____ () C:\Program Files\webui.zip
2021-10-03 14:06 - 2021-10-03 14:06 - 041372992 _____ () C:\Program Files (x86)\vlc-3.0.16-win32.exe
2023-03-02 16:48 - 2023-03-02 16:48 - 000068996 _____ () C:\Users\prede\AppData\Roaming\autofilldata.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000418905 _____ () C:\Users\prede\AppData\Roaming\cookies.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000146 _____ () C:\Users\prede\AppData\Roaming\creditcards.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000002686 _____ () C:\Users\prede\AppData\Roaming\passwords.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2023
Ran by prede (02-03-2023 19:40:31)
Running from C:\Users\prede\OneDrive\Plocha
Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) (2021-08-31 18:02:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1812155880-2879728718-321869557-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1812155880-2879728718-321869557-503 - Limited - Disabled)
Guest (S-1-5-21-1812155880-2879728718-321869557-501 - Limited - Disabled)
prede (S-1-5-21-1812155880-2879728718-321869557-1001 - Administrator - Enabled) => C:\Users\prede
WDAGUtilityAccount (S-1-5-21-1812155880-2879728718-321869557-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.1.6049 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.5.2 - DEV47APPS)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.0.39 - Lenovo Group Ltd.)
Lenovo Service Bridge (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.13 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 517.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.119.52718 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{4e28b818-673a-431d-ad82-6ed012649597}) (Version: latest - ppy Pty Ltd)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 22.9.8.69 - StreamElements)
Streamlabs Desktop 1.12.5 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.12.5 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.34.4 - TeamViewer)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Twitch Studio (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 22.1 - Ubisoft)
VALORANT (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\WhatsApp) (Version: 2.2140.7 - WhatsApp)
WinRAR 6.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH)

Packages:
=========
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20800.804.0_x64__rz1tebttyb220 [2021-08-31] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-01] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-08-22] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2021-08-31] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.564.444.0_x86__55nm5eh3cm0pr [2023-02-28] (ROBLOX Corporation)
Rychlý pomocník -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0 [2023-02-18] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.2.0_x86__3h5nez1g3qt2c [2022-08-26] (GT Office PDF Studio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm [2023-02-23] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x64__8wekyb3d8bbwe [2023-02-03] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\nvshext.dll [2022-09-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-09-01 14:12 - 2022-11-07 11:17 - 000387072 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2021-09-01 14:12 - 2022-11-07 11:17 - 008052736 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2023-02-23 00:01 - 2023-02-23 00:01 - 001530368 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\e_sqlite3.dll
2023-02-23 00:01 - 2023-02-23 00:02 - 104974336 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-02-23 00:01 - 2023-02-23 00:02 - 008795648 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:err [1116]
AlternateDataStreams: C:\Users\All Users:err [1116]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1116]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk:8F93AA8F75 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk:21661D084B [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk:20903A5BF7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs Desktop.lnk:578370639A [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2668]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2022-01-21 09:20 - 2022-01-21 09:20 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1812155880-2879728718-321869557-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 85.132.179.206 - 188.75.176.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C71F7907-10DB-4A49-8946-DA0A86FBB71E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9F5531CB-4CF5-4E57-9C0C-DD5F2AB468EF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{943D21ED-813A-49C3-9EAE-1649FE848950}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CA4F5E17-BE89-49B0-AD21-9E39EAD0CF30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABBE9197-045E-4EEA-9208-322DB74141A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42EFA61E-2F7F-4226-B52C-FC4AA34EF7CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D6464696-B9F1-4DC4-9D5D-C41C8F03B25A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFBE07D4-34B0-47EC-8E26-D7D84A087BB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{210AF5EC-1761-40BB-B362-AF3523AAA4AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79C257FF-50B4-4CC0-B1D3-FFF326C0C820}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E385B363-1C25-4AC9-8F8A-3F0E63B7BB77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A681EAED-526D-40B0-BC42-99E1C9F8AB5F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BEF3F261-BFD6-4BAD-B318-611F381A67A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{2A1B2984-58C4-4FF6-A3B9-F78F792AF8EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4F2123A4-44F1-48AA-BCE5-2819A5AF9BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{B4E81CD1-C7A2-4FDC-AC58-F845D6656B48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{5AD29465-A8CE-4F52-ADA5-49F6048BF9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{18A77AF5-56B0-4CE5-926F-48E954F4844D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0B75C564-CAC6-49F3-A965-EDA4DFEEC15A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{0A780763-899E-4E96-9423-373EF6FE6954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{B5EDA9EC-3585-4C63-9B42-1A16DE889A20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{D5037AAF-98B1-4ABD-BBA8-ECF2726CE7BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{E2D58AD3-AC65-400F-91D8-C950E8E00AB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{37D0A9A2-93B6-49AE-BF13-B29F36BE16F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{EEF29C3C-38D4-4759-B4FA-7B0F4D9E7727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{CC5D5326-4037-414E-963C-A0FB2D98C2D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{94CF6D88-B7C4-4758-9E3E-CFB86A5E1724}C:\program files\warcraft od pepíka\war3.exe] => (Allow) C:\program files\warcraft od pepíka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{5508F3E5-A98A-4FCC-B138-05AF700C2C1A}C:\program files\warcraft od pepíka\war3.exe] => (Allow) C:\program files\warcraft od pepíka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{3ECFDF6A-AFF4-4335-8E26-93EE1E29E33A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D59F8990-DA04-4C3E-B7BB-78C120755373}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92584F15-76BA-43EB-B29E-95B4CBDA8F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed\BenAndEd.exe () [File not signed]
FirewallRules: [{38E25EEA-C90C-499D-84E5-62EE8D9470DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed\BenAndEd.exe () [File not signed]
FirewallRules: [{E9EBF142-1737-4B3E-B15B-494450F91815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [File not signed]
FirewallRules: [{BA222D2C-5E69-451F-A692-FE5D01C208FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [File not signed]
FirewallRules: [{068E36DD-9610-4F26-A321-FB10DF25287A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UNO Demo\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{C9507E20-3972-40F2-A736-1060342BC9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UNO Demo\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{5101314F-649B-448B-B56E-FE6CBF426868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [{D7CDA1C7-0C6B-4F40-B1C4-48FAAE0DE773}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [TCP Query User{F1F85E12-73AB-4575-B8A9-CCEF6E9FA65E}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{B0113156-5F73-4645-8508-EA5A3DCB3563}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{67BD0561-B75E-4C79-84AB-0DB00C0936C6}C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{861BC72C-E7C1-476B-9305-AF7BD6DE7122}C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{30766E00-EF0A-4F6D-AD49-ADB324AF7F40}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{6AB276FE-AFE9-4D19-8420-949CAE351D44}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{C52DCA10-F6A7-4969-9873-BC7213168EAE}] => (Allow) C:\Program Files\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{A6EFD419-E046-474D-9267-BA3A573C237E}] => (Allow) C:\Program Files\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{4CD0879E-1ED6-4DCA-B0FE-DAD85417741E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AA44A6A6-B087-4FC7-9A50-4AA6021A7733}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0AA75DA4-B7FC-49F0-9195-05C9B93A36CD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1EE13C3B-43FB-4F9D-A04C-0BCC68C5D66F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F9162D7B-4031-4267-9FE2-8C3B08BEFB35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{3A1CBDEC-8D53-4218-A06D-698169FA64E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{C1E8F202-78EE-4E0A-9D5B-6BBF75E7090A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{68892882-5D7F-4ACC-9141-C29757EE8226}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{6C2C9EBE-AC7A-4799-8910-A9A8036C5A95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{0FA70662-63EC-4A61-B480-B95AE4917BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{64B818C7-4CC2-44BF-9006-86CEFA6813C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{1CD71B39-235D-43C9-AF79-55C98B90D7AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{E49D1AF7-A9BA-47D9-AE26-D14CACFDA865}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{58D54970-42D1-4CA8-8828-7B04DACA05B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{55CAC596-4F0B-4503-B137-60184FDF12BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DCA3C11-C874-4601-865A-0AB0C5AB470A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E1AC7F7-5959-43BE-89EE-31CE05129C08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2C16612-4B92-4776-9AA9-35ADC0BA4388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADCD6115-663E-4CB0-9A6D-A383FC9FF33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5A63002-D1F2-45DB-940C-5827A0CB62C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{016C1BEB-0801-439F-868C-A287626C459D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69918162-3AE6-49AD-8519-C2AAA603F112}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B92CF8B9-CF60-43C0-A949-1D06D7CCB48B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{494AD965-25CA-417F-8AB0-FE3682827086}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{177D07B1-1F9A-439E-A05F-4FC7F0FAA1E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F39D8108-9593-49FC-A363-B665AA05CC21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFF8D682-C433-45D5-8ECD-54F3A3A28F83}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2023 15:48:20 Instalační služba modulů systému Windows
15-02-2023 15:48:43 Instalační služba modulů systému Windows
26-02-2023 18:14:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/02/2023 04:58:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/01/2023 08:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x50ac
Čas spuštění chybující aplikace: 0x01d94c4fcf55e6d6
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: 482cc6fa-3314-47e3-91d3-b8082f6647d0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2023 04:03:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x3854
Čas spuštění chybující aplikace: 0x01d94c4edf90c10a
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: 7aa2a273-c7c4-43e5-bae9-294b7d63117d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2023 09:32:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x43d4
Čas spuštění chybující aplikace: 0x01d94ab59c22b6c9
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: e0fb7870-af14-4583-a7de-44d7a1b2a09d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/24/2023 10:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.2130, časové razítko: 0x463c9bed
Kód výjimky: 0xc000041d
Posun chyby: 0x00005e57
ID chybujícího procesu: 0x1404
Čas spuštění chybující aplikace: 0x01d9487360963dff
Cesta k chybující aplikaci: C:\Program Files\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 75dd2b78-b87f-4506-b989-41216b9ef941
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/23/2023 10:45:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/23/2023 06:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obs64.exe, verze: 29.0.2.0, časové razítko: 0x63de3702
Název chybujícího modulu: obs-browser.dll, verze: 0.0.0.0, časové razítko: 0x63b8a363
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000627e5
ID chybujícího procesu: 0x3218
Čas spuštění chybující aplikace: 0x01d94770b8ae1bf6
Cesta k chybující aplikaci: C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
ID zprávy: ff08da60-0d1c-48ba-9084-fb56dde9bb20
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2023 03:50:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obs64.exe, verze: 29.0.2.0, časové razítko: 0x63de3702
Název chybujícího modulu: obs-browser.dll, verze: 0.0.0.0, časové razítko: 0x63b8a363
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000627e5
ID chybujícího procesu: 0x1be0
Čas spuštění chybující aplikace: 0x01d94534e02fbf9c
Cesta k chybující aplikaci: C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
ID zprávy: d62ccc7a-f415-44c8-a078-92f48ba3a5cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/02/2023 05:16:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/02/2023 05:16:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (03/02/2023 04:59:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/02/2023 04:59:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (03/02/2023 04:59:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/02/2023 04:59:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (45000 ms).

Error: (03/02/2023 04:58:34 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-D5FU0IC)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_10efdd s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (03/02/2023 04:58:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_10efdd neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


CodeIntegrity:
===============
Date: 2023-03-02 17:01:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-03-02 17:00:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO EFCN54WW 02/14/2022
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 38%
Total physical RAM: 16291.8 MB
Available physical RAM: 10030.56 MB
Total Virtual: 21411.8 MB
Available Virtual: 13164.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.26 GB) (Free:501.3 GB) (Model: SKHynix_HFS001TD9TNI-L2A0B) NTFS

\\?\Volume{0a407154-9aa0-4e6d-b063-bc0695595013}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a5965ef6-dfcc-44ef-bf59-d6697632a644}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 5412D21F)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Discord account

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako spravce) (on Win XP just run it with an ordinary double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

PredyP
Model visitor
Posts: 1227
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Stolen Discord account

#3 Post by PredyP »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-02-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.2604)
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Program Files\settings.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoServiceBridge Folder C:\Users\prede\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Deleted Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Deleted Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2008 octets] - [02/03/2023 20:05:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Discord account

#4 Post by Rudy »

Post new FRST+Addition logs.

PredyP
Model visitor
Posts: 1227
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Stolen Discord account

#5 Post by PredyP »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2023
Ran by prede (administrator) on DESKTOP-D5FU0IC (LENOVO 82B3) (02-03-2023 21:24:23)
Running from C:\Users\prede\OneDrive\Plocha
Loaded Profiles: prede
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\BreachGuard\bgui.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <4>
(C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe\Microsoft.RemoteAssistance.QuickAssist\QuickAssist.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe <6>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe <4>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <4>
(explorer.exe ->) (Microsoft Corp.) C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe\Microsoft.RemoteAssistance.QuickAssist\QuickAssist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Battery Saver\BatterySvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\BreachGuard\bgsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (WhatsApp Inc.) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1084704 2020-05-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [219032 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [3089288 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [BatteryUI.exe] => C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe [4500304 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Avast BreachGuard] => C:\Program Files\Avast Software\BreachGuard\bgui.exe [7206296 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [4332440 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32823248 2023-03-01] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [MicrosoftEdgeAutoLaunch_8D8358F69C65887A7652BC79253FD377] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-02-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3149608 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1090168 2023-02-03] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Run: [Discord] => C:\Users\prede\AppData\Local\Discord\Update.exe [1525016 2023-02-13] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\MountPoints2: {65b6c973-48b6-11ec-a27e-841b77978b9f} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08FD37D7-56CB-47CA-AA21-09E95A2BF9A3} - System32\Tasks\Avast Software\Avast Battery Saver BugReport => C:\Program Files\Avast Software\Battery Saver\AvBugReport.exe [4614992 2023-03-02] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 134 --programpath "C:\Program Files\Avast Software\Battery Saver\Setup\.." --configpath "C:\Program Files\Avast Software\Battery Saver\Setup" --path "C:\ProgramData\Avast Software\Battery Saver\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 63b434e9-068f-4059-9d60-cf8ee48f4edf
Task: {0E1C5956-582C-44DA-9D88-6B540BF22B78} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6788312 2023-01-04] (Avast Software s.r.o. -> Avast Software)
Task: {0F9BB63A-254A-48EE-B366-E656D2760C37} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1217944 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {16B659E8-61C2-481B-8EAC-3D863EE9CEBF} - System32\Tasks\Avast Software\Avast Battery Saver Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-bs\icarus.exe [6667600 2022-05-18] (Avast Software s.r.o. -> Avast Software)
Task: {35B2AC89-C7B3-4A6F-8485-6179BAD50F87} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6694224 2023-01-26] (Avast Software s.r.o. -> Avast Software)
Task: {3C1C047A-D719-4845-9AB4-97074E7A3711} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {406472C1-F9DB-4A9B-B42A-93F8038912E8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A0B94A2-DF5F-48BC-A23C-5B4C4D223B5E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F596CA5-1283-4F2C-B2A5-A3B62DBAD087} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5077F5BB-50CE-4803-B051-DA91375E9036} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4698008 2023-03-02] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid bc650451-a0c4-47ec-a89d-b0dd08ab8aae
Task: {58B9185A-D041-471B-A086-893CB6E2162F} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4664216 2023-03-02] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\Cleanup\log" --guid 8e05cab9-ec52-4d63-b2b9-b2b2976a3028
Task: {770A7C0A-C464-479C-B3A0-8FCD39D46829} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B60BE3-D155-46FA-A64D-9406B51AADC5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86348B11-306D-443B-A739-B8C2CB946C77} - System32\Tasks\Avast Software\Avast BreachGuard Crash Reporter => C:\Program Files\Avast Software\BreachGuard\AvBugReport.exe [4912024 2023-03-02] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 135 --path "C:\ProgramData\Avast Software\BreachGuard\log" --logpath "C:\ProgramData\Avast Software\BreachGuard\log" --configpath "C:\Program Files\Avast Software\BreachGuard\Setup" --programpath "C:\Program Files\Avast Software\BreachGuard" --guid 962f79a2-35ce-4fa9-90e9-02dee54062fe
Task: {8DEC1350-FB6A-4223-B15F-D69F854FBBA7} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4867992 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
Task: {9B161BA6-A239-4C00-8068-5F5AB834D606} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [813008 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
Task: {9B413D16-EC47-4BCC-A11E-D45B56E204B9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A0B98B1E-A7FE-4B54-AD48-25A39761AEDE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A2B43ED0-C5E8-426C-8695-D0B852175DDA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C022C212-5889-448A-8D0B-A46FEDF662F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {C4D373CD-427F-4A4D-A3FA-17C330180BAE} - System32\Tasks\Avast Software\Avast BreachGuard Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-bg\icarus.exe [7049624 2023-02-22] (Avast Software s.r.o. -> Avast Software)
Task: {CEF0A94B-202E-4414-A29B-1EA869791D68} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001 => C:\Users\prede\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
Task: {E6E4A91B-1534-4CB6-A4C7-2E9185CC1E41} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-17] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E8925BE8-F2A8-418F-A4F5-3CB3514E44DE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2295192 2023-01-30] (Avast Software s.r.o. -> Avast Software)
Task: {F04D0839-E657-457E-A3B6-05145759FBB7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FF638C8D-1EFE-401A-97E3-9CA51FEC9EC8} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{668a8c6c-7b8c-4b02-bbe8-edc5d131d167}: [DhcpNameServer] 85.132.179.206 188.75.176.2
Tcpip\..\Interfaces\{a35a8c51-4bf9-47e1-9a15-f2791e77e1d7}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\prede\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-02]
Edge DownloadDir: Default -> C:\Users\prede\OneDrive\Plocha
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://google.cz/
Edge StartupUrls: Default -> "hxxp://google.cz/"

FireFox:
========
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8603544 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 Avast BreachGuard Service; C:\Program Files\Avast Software\BreachGuard\bgsvc.exe [7399320 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [576408 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2065304 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [575896 2023-02-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [5779160 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-08-31] (Avast Software s.r.o. -> AVAST Software)
R2 BatterySvc; C:\Program Files\Avast Software\Battery Saver\BatterySvc.exe [7427408 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [9712432 2022-09-18] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [15615384 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
S2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_925ded1d9428eaee\DAX3API.exe [2205144 2020-12-22] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1136040 2022-12-18] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029456 2023-02-19] (Epic Games Inc. -> Epic Games, Inc.)
S2 FMAPOService; C:\Windows\System32\FMService64.exe [390400 2020-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_cd446641b2a10fd9\LenovoUtilityService.exe [279264 2023-01-13] (Lenovo -> Lenovo(beijing) Limited)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2579264 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3497800 2023-02-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9639320 2023-03-02] (Avast Software s.r.o. -> AVAST Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16119104 2022-09-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TwitchService; C:\Program Files\Common Files\Twitch\TwitchService.exe [363008 2023-01-25] (Twitch Interactive, Inc. -> )
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [10430256 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [231800 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [391264 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297848 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [95928 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39600 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268448 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [556080 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105216 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80392 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [852016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [696016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [212632 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319016 2023-02-15] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [72584 2023-03-02] (Avast Software s.r.o. -> Avast Software)
S3 aswWireGuard; C:\Windows\System32\drivers\aswWireguard.sys [184544 2023-03-02] (Avast Software s.r.o. -> Avast Software)
R3 DroidCam; C:\Windows\System32\drivers\droidcam.sys [32240 2020-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Dev47Apps)
R3 DroidCamVideo; C:\Windows\System32\DriverStore\FileRepository\droidcamvideo.inf_amd64_47e18363cbf3dfe0\droidcamvideo.sys [33784 2021-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [124952 2023-03-02] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
R1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [22216888 2022-11-10] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-02 21:17 - 2023-03-02 21:17 - 000124952 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netfilter2.sys
2023-03-02 21:17 - 2023-03-02 21:17 - 000002402 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast AntiTrack Premium.lnk
2023-03-02 21:17 - 2023-03-02 21:17 - 000002125 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Cleanup Premium.lnk
2023-03-02 21:17 - 2023-03-02 21:17 - 000000000 _RSHD C:\ProgramData\Key-Base
2023-03-02 21:17 - 2023-03-02 21:17 - 000000000 ____D C:\Users\prede\AppData\Local\AvastAntiTrackPremium
2023-03-02 21:17 - 2023-03-02 21:17 - 000000000 ____D C:\ProgramData\{7883FCDB-DF22-7E7A-C986-F888E549AAFE}
2023-03-02 21:16 - 2023-03-02 21:16 - 000184544 _____ (Avast Software) C:\Windows\system32\Drivers\aswWireguard.sys
2023-03-02 21:16 - 2023-03-02 21:16 - 000072584 _____ (Avast Software) C:\Windows\system32\Drivers\aswVpnRdr.sys
2023-03-02 21:16 - 2023-03-02 21:16 - 000004028 _____ C:\Windows\system32\Tasks\Avast SecureLine VPN Update
2023-03-02 21:16 - 2023-03-02 21:16 - 000002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SecureLine VPN.lnk
2023-03-02 21:16 - 2023-03-02 21:16 - 000002123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast BreachGuard.lnk
2023-03-02 21:16 - 2023-03-02 21:16 - 000000000 ____D C:\Program Files (x86)\Avast Software
2023-03-02 21:15 - 2023-03-02 21:16 - 000040344 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2023-03-02 21:15 - 2023-03-02 21:15 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Battery Saver.lnk
2023-03-02 21:15 - 2023-03-02 21:15 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2023-03-02 21:15 - 2023-02-15 10:23 - 000288664 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-03-02 20:28 - 2023-03-02 20:28 - 000000000 ___HD C:\$WinREAgent
2023-03-02 20:04 - 2023-03-02 20:05 - 000000000 ____D C:\AdwCleaner
2023-03-02 19:39 - 2023-03-02 21:23 - 000000000 ____D C:\FRST
2023-03-02 17:05 - 2023-03-02 19:16 - 000000000 ____D C:\Users\prede\AppData\Local\Discord
2023-03-02 17:05 - 2023-03-02 17:05 - 083185944 _____ (Discord Inc.) C:\Users\prede\DiscordSetup.exe
2023-03-02 16:48 - 2023-03-02 16:48 - 000418905 _____ C:\Users\prede\AppData\Roaming\cookies.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000068996 _____ C:\Users\prede\AppData\Roaming\autofilldata.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000002686 _____ C:\Users\prede\AppData\Roaming\passwords.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000146 _____ C:\Users\prede\AppData\Roaming\creditcards.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000000 ____D C:\Users\prede\AppData\Roaming\findthehidden
2023-03-01 16:08 - 2023-03-01 16:08 - 000000000 ____D C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2023-03-01 16:08 - 2023-03-01 16:08 - 000000000 ____D C:\Program Files (x86)\DroidCam
2023-02-24 18:55 - 2023-02-24 18:55 - 000000000 ____D C:\PaintToolSAI
2023-02-18 16:22 - 2023-02-18 16:22 - 000000000 ____D C:\Users\prede\AppData\Local\VALORANT
2023-02-17 14:26 - 2023-02-17 14:26 - 002187349 _____ C:\Users\prede\OneDrive\Documents\transition.aep.webm
2023-02-10 00:15 - 2023-02-24 18:55 - 000000620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaintTool SAI Ver.1.lnk
2023-02-10 00:15 - 2023-02-10 00:15 - 002470500 _____ C:\Users\prede\Downloads\painttool-sai-1.2.5-installer.exe
2023-02-10 00:15 - 2023-02-10 00:15 - 000000000 ____D C:\Users\prede\AppData\Roaming\SYSTEMAX Software Development
2023-02-10 00:15 - 2023-02-10 00:15 - 000000000 ____D C:\ProgramData\SYSTEMAX Software Development

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-02 21:19 - 2021-09-02 18:18 - 000000000 ____D C:\Users\prede\AppData\Roaming\EasyAntiCheat
2023-03-02 21:19 - 2021-09-01 14:12 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-02 21:19 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Local\SquirrelTemp
2023-03-02 21:19 - 2021-09-01 13:57 - 000000000 ____D C:\Users\prede\AppData\Local\CrashDumps
2023-03-02 21:19 - 2021-09-01 00:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-02 21:19 - 2021-08-31 20:08 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-02 21:19 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-02 21:17 - 2021-08-31 19:41 - 000000000 ____D C:\Users\prede\AppData\Roaming\Avast Software
2023-03-02 21:17 - 2021-08-31 19:40 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-03-02 21:17 - 2021-08-31 19:40 - 000000000 ____D C:\Program Files\Avast Software
2023-03-02 21:16 - 2021-08-31 19:41 - 000000000 ____D C:\Users\prede\AppData\Local\Avast Software
2023-03-02 21:16 - 2021-08-31 19:38 - 000000000 ____D C:\ProgramData\Avast Software
2023-03-02 21:15 - 2021-08-31 19:40 - 000003990 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-03-02 21:15 - 2021-08-31 19:40 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2023-03-02 21:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-03-02 20:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-02 20:33 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-02 20:05 - 2022-04-01 13:31 - 000000000 ____D C:\Program Files (x86)\Lenovo
2023-03-02 20:05 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Roaming\discord
2023-03-02 18:13 - 2021-08-31 19:07 - 000000000 ____D C:\Users\prede\AppData\Local\D3DSCache
2023-03-02 17:50 - 2021-11-12 16:52 - 000000000 ____D C:\ProgramData\Origin
2023-03-02 17:47 - 2022-03-11 18:14 - 000000000 ____D C:\Users\prede\AppData\Local\Battle.net
2023-03-02 17:46 - 2021-11-12 16:52 - 000000000 ____D C:\Users\prede\AppData\Local\Origin
2023-03-02 17:16 - 2021-08-31 19:09 - 000000000 ___RD C:\Users\prede\OneDrive
2023-03-02 17:06 - 2021-08-31 19:08 - 001693864 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-02 17:06 - 2019-12-07 15:43 - 000719668 _____ C:\Windows\system32\perfh005.dat
2023-03-02 17:06 - 2019-12-07 15:43 - 000145794 _____ C:\Windows\system32\perfc005.dat
2023-03-02 17:05 - 2021-09-01 14:07 - 000000000 ____D C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2023-03-02 17:05 - 2021-08-31 19:05 - 000000000 ____D C:\Users\prede
2023-03-02 17:01 - 2022-12-07 01:10 - 000000001 _____ C:\Windows\vgkbootstatus.dat
2023-03-02 16:59 - 2022-10-02 18:57 - 000000000 ____D C:\Program Files\TeamViewer
2023-03-02 16:59 - 2021-09-01 01:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-02 16:59 - 2021-09-01 00:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-02 16:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-03-02 16:58 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-03-02 16:38 - 2021-12-11 00:08 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1812155880-2879728718-321869557-1001
2023-03-02 16:38 - 2021-09-01 01:00 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-02 16:38 - 2021-09-01 01:00 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-02 16:38 - 2021-08-31 20:08 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 20:08 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-03-02 16:38 - 2021-08-31 19:50 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-02 16:38 - 2021-08-31 19:09 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812155880-2879728718-321869557-1001
2023-03-02 14:52 - 2021-09-01 13:56 - 000000000 ____D C:\ProgramData\Riot Games
2023-03-01 20:35 - 2023-01-28 15:50 - 000001608 _____ C:\ProgramData\droidcam-client-options-v2
2023-03-01 20:35 - 2023-01-28 15:50 - 000000401 _____ C:\ProgramData\droidcam-settings
2023-03-01 19:36 - 2023-01-29 12:39 - 000000000 ____D C:\Users\prede\AppData\Roaming\obs-studio
2023-03-01 16:19 - 2022-03-21 11:54 - 000000000 ____D C:\Users\prede\AppData\Local\ElevatedDiagnostics
2023-03-01 15:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-03-01 15:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-01 15:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-28 14:29 - 2021-08-31 19:05 - 000002377 _____ C:\Users\prede\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-27 14:51 - 2021-09-01 01:00 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-26 20:15 - 2021-10-03 14:06 - 000000000 ____D C:\Users\prede\AppData\Roaming\vlc
2023-02-26 20:09 - 2022-09-17 10:38 - 000000000 ____D C:\torenty
2023-02-23 20:11 - 2022-10-12 13:50 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-23 20:11 - 2022-08-05 18:10 - 000001255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk
2023-02-23 20:11 - 2021-10-29 13:38 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2023-02-23 20:11 - 2021-09-01 14:26 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2023-02-23 20:11 - 2021-09-01 14:04 - 000001082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2023-02-23 18:27 - 2023-01-28 14:16 - 000000000 ____D C:\twitch
2023-02-18 16:22 - 2021-09-01 14:26 - 000000000 ____D C:\ProgramData\Epic
2023-02-18 16:21 - 2021-09-01 13:56 - 000000000 ____D C:\Users\prede\AppData\Local\Riot Games
2023-02-16 23:55 - 2021-08-31 19:09 - 000000000 ____D C:\Users\prede\AppData\Local\PlaceholderTileLogoFolder
2023-02-16 23:55 - 2021-08-31 19:07 - 000000000 ____D C:\Users\prede\AppData\Local\Packages
2023-02-16 23:55 - 2021-08-31 19:07 - 000000000 ____D C:\ProgramData\Packages
2023-02-15 15:54 - 2021-08-31 20:06 - 000000000 ____D C:\Windows\TempInst
2023-02-15 15:53 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-15 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-15 15:51 - 2021-08-31 19:03 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-15 15:02 - 2021-08-31 19:14 - 000000000 ____D C:\Windows\system32\MRT
2023-02-15 15:01 - 2021-08-31 19:14 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-15 10:23 - 2022-09-15 18:14 - 000031392 _____ (AVAST Software) C:\Windows\system32\Drivers\asw7e724b4101af49c8.tmp
2023-02-15 10:23 - 2021-08-31 19:40 - 000852016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000696016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000556080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000391264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000319016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000297848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000268448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000231800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000105216 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000095928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000080392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-02-15 10:23 - 2021-08-31 19:40 - 000039600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-02-11 20:07 - 2023-01-29 20:04 - 000000000 ____D C:\Users\prede\AppData\Local\osu!
2023-02-10 22:40 - 2021-08-31 20:06 - 000000000 ____D C:\ProgramData\Lenovo
2023-02-10 09:34 - 2021-09-03 08:34 - 000001921 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2023-02-10 09:34 - 2021-08-31 20:06 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2023-02-09 22:27 - 2021-11-12 16:53 - 000000000 ____D C:\Program Files (x86)\Origin
2023-02-05 05:55 - 2022-03-20 13:58 - 000000000 ____D C:\Users\prede\AppData\Roaming\paradox-launcher-v2
2023-02-04 02:20 - 2022-03-11 18:13 - 000000000 ____D C:\Program Files (x86)\Battle.net

==================== Files in the root of some directories ========

2023-03-02 17:05 - 2023-03-02 17:05 - 083185944 _____ (Discord Inc.) C:\Users\prede\DiscordSetup.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000006026 _____ () C:\Program Files\current.btskin
2022-09-17 01:12 - 2022-11-05 21:08 - 000000607 _____ () C:\Program Files\dht.dat
2022-09-17 01:12 - 2022-09-17 01:12 - 000004118 _____ () C:\Program Files\dht.dat.old
2022-09-16 23:41 - 2022-11-05 21:08 - 000000002 _____ () C:\Program Files\dht_feed.dat
2022-09-16 23:41 - 2022-09-17 01:12 - 000000002 _____ () C:\Program Files\dht_feed.dat.old
2022-09-16 23:38 - 2022-09-16 23:37 - 000035362 ____N () C:\Program Files\Pan.prstenu.Prsteny Moci.S01E01.2160p.mkv.torrent
2022-11-05 21:07 - 2022-09-17 01:12 - 000004534 _____ () C:\Program Files\resume.20221105.210736.dat
2022-09-16 23:40 - 2022-11-05 21:08 - 000005014 _____ () C:\Program Files\resume.dat
2022-09-16 23:40 - 2022-09-17 01:12 - 000004534 _____ () C:\Program Files\resume.dat.old
2022-09-17 01:12 - 2022-11-05 21:08 - 000000099 _____ () C:\Program Files\rss.dat
2022-09-17 01:12 - 2022-09-17 01:12 - 000000099 _____ () C:\Program Files\rss.dat.old
2022-09-16 23:36 - 2022-11-05 21:08 - 000012489 _____ () C:\Program Files\settings.dat.old
2022-09-16 23:36 - 2019-11-28 00:00 - 000027702 _____ () C:\Program Files\toolbar.bmp
2022-09-16 23:36 - 2022-02-14 18:00 - 000378160 _____ (Zdenek Svub) C:\Program Files\uninstall.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000189334 _____ () C:\Program Files\utorrent-313-26837.chm
2022-09-16 23:36 - 2022-02-20 20:00 - 000752432 _____ (BitTorrent, Inc.) C:\Program Files\utorrent.exe
2022-09-16 23:36 - 2019-11-28 00:00 - 000954701 _____ () C:\Program Files\utorrent.lng
2022-09-16 23:36 - 2019-11-28 00:00 - 000000049 _____ () C:\Program Files\utorrent.url
2022-09-16 23:36 - 2019-11-28 00:00 - 000184498 _____ () C:\Program Files\webui.zip
2021-10-03 14:06 - 2021-10-03 14:06 - 041372992 _____ () C:\Program Files (x86)\vlc-3.0.16-win32.exe
2023-03-02 16:48 - 2023-03-02 16:48 - 000068996 _____ () C:\Users\prede\AppData\Roaming\autofilldata.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000418905 _____ () C:\Users\prede\AppData\Roaming\cookies.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000000146 _____ () C:\Users\prede\AppData\Roaming\creditcards.txt
2023-03-02 16:48 - 2023-03-02 16:48 - 000002686 _____ () C:\Users\prede\AppData\Roaming\passwords.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2023
Ran by prede (02-03-2023 21:26:57)
Running from C:\Users\prede\OneDrive\Plocha
Microsoft Windows 10 Pro Version 22H2 19045.2604 (X64) (2021-08-31 18:02:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1812155880-2879728718-321869557-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1812155880-2879728718-321869557-503 - Limited - Disabled)
Guest (S-1-5-21-1812155880-2879728718-321869557-501 - Limited - Disabled)
prede (S-1-5-21-1812155880-2879728718-321869557-1001 - Administrator - Enabled) => C:\Users\prede
WDAGUtilityAccount (S-1-5-21-1812155880-2879728718-321869557-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.3.983.1074 - Avast Software)
Avast Battery Saver (HKLM\...\Avast Battery Saver) (Version: 22.2.1681.2728 - Avast Software)
Avast BreachGuard (HKLM\...\AvastBreachGuard) (Version: 23.2.1853.6718 - Avast Software)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 22.4.12696.9862 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 23.1.6049 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.23.7370.6602 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Discord) (Version: 1.0.9011 - Discord Inc.)
DroidCam Client (HKLM-x32\...\DroidCam) (Version: 6.5.2 - DEV47APPS)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Legion Arena (HKLM-x32\...\Legion Arena_is1) (Version: 1.3.0.39 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.57 - Microsoft Corporation)
Microsoft GameInput (HKLM-x32\...\{6BBE9278-659F-FA16-E4B8-C2D60DE0DCC7}) (Version: 10.1.22621.1863 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\OneDriveSetup.exe) (Version: 23.033.0212.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{733C3ACB-432D-4880-B0E1-660000D7974D}) (Version: 1.0.0.0 - Mojang)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 517.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 517.00 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 27.2.4 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.5.119.52718 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{4e28b818-673a-431d-ad82-6ed012649597}) (Version: latest - ppy Pty Ltd)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
Paradox Launcher v2 (HKLM\...\{66DA3501-823A-4F07-A20D-C64495A59DC8}) (Version: 2.1.0 - Paradox Interactive)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 22.9.8.69 - StreamElements)
Streamlabs Desktop 1.12.5 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.12.5 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.34.4 - TeamViewer)
TmUnitedForever Update 2010-03-15 (HKLM-x32\...\TmUnitedForever_is1) (Version: - Nadeo)
Twitch Studio (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF372B0}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 22.1 - Ubisoft)
VALORANT (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\Riot Game valorant.live) (Version: - Riot Games, Inc)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WhatsApp (HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\WhatsApp) (Version: 2.2140.7 - WhatsApp)
WinRAR 6.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.0 - win.rar GmbH)

Packages:
=========
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20800.804.0_x64__rz1tebttyb220 [2021-08-31] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-01] (Microsoft Corporation) [MS Ad]
Minecraft Launcher -> C:\Program Files\WindowsApps\Microsoft.4297127D64EC6_1.1.28.0_x64__8wekyb3d8bbwe [2022-08-22] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2021-08-31] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.564.444.0_x86__55nm5eh3cm0pr [2023-02-28] (ROBLOX Corporation)
Rychlý pomocník -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0 [2023-02-18] (Spotify AB) [Startup Task]
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.3.2.0_x86__3h5nez1g3qt2c [2022-08-26] (GT Office PDF Studio)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm [2023-02-23] (WhatsApp Inc.) [Startup Task]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.747.1945.0_x64__8wekyb3d8bbwe [2023-02-03] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_7947c31fc944635c\nvshext.dll [2022-09-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-02-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.VP60] => C:\Windows\system32\vp6vfw.dll
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\Windows\system32\vp6vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-02-23 00:01 - 2023-02-23 00:01 - 001530368 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\e_sqlite3.dll
2023-02-23 00:01 - 2023-02-23 00:02 - 104974336 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsApp.dll
2023-02-23 00:01 - 2023-02-23 00:02 - 008795648 _____ () [File not signed] C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2306.4.0_x64__cv1g1gvanyjgm\WhatsAppNative.dll
2023-03-02 21:17 - 2023-03-02 21:17 - 000180224 _____ (Software Security System) [File not signed] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:err [1116]
AlternateDataStreams: C:\Users\All Users:err [1116]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1116]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk:8F93AA8F75 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk:20903A5BF7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2668]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2022-01-21 09:20 - 2022-01-21 09:20 - 000000375 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1812155880-2879728718-321869557-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 85.132.179.206 - 188.75.176.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C71F7907-10DB-4A49-8946-DA0A86FBB71E}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9F5531CB-4CF5-4E57-9C0C-DD5F2AB468EF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{943D21ED-813A-49C3-9EAE-1649FE848950}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CA4F5E17-BE89-49B0-AD21-9E39EAD0CF30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ABBE9197-045E-4EEA-9208-322DB74141A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{42EFA61E-2F7F-4226-B52C-FC4AA34EF7CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D6464696-B9F1-4DC4-9D5D-C41C8F03B25A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BFBE07D4-34B0-47EC-8E26-D7D84A087BB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{210AF5EC-1761-40BB-B362-AF3523AAA4AA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{79C257FF-50B4-4CC0-B1D3-FFF326C0C820}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E385B363-1C25-4AC9-8F8A-3F0E63B7BB77}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A681EAED-526D-40B0-BC42-99E1C9F8AB5F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BEF3F261-BFD6-4BAD-B318-611F381A67A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{2A1B2984-58C4-4FF6-A3B9-F78F792AF8EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4F2123A4-44F1-48AA-BCE5-2819A5AF9BBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{B4E81CD1-C7A2-4FDC-AC58-F845D6656B48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client.exe () [File not signed]
FirewallRules: [{5AD29465-A8CE-4F52-ADA5-49F6048BF9EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{18A77AF5-56B0-4CE5-926F-48E954F4844D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win64\PaladinsEAC.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{0B75C564-CAC6-49F3-A965-EDA4DFEEC15A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{0A780763-899E-4E96-9423-373EF6FE6954}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{B5EDA9EC-3585-4C63-9B42-1A16DE889A20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{D5037AAF-98B1-4ABD-BBA8-ECF2726CE7BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Green Hell\GH.exe () [File not signed]
FirewallRules: [{E2D58AD3-AC65-400F-91D8-C950E8E00AB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{37D0A9A2-93B6-49AE-BF13-B29F36BE16F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe () [File not signed]
FirewallRules: [{EEF29C3C-38D4-4759-B4FA-7B0F4D9E7727}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [{CC5D5326-4037-414E-963C-A0FB2D98C2D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe () [File not signed]
FirewallRules: [TCP Query User{94CF6D88-B7C4-4758-9E3E-CFB86A5E1724}C:\program files\warcraft od pepíka\war3.exe] => (Allow) C:\program files\warcraft od pepíka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [UDP Query User{5508F3E5-A98A-4FCC-B138-05AF700C2C1A}C:\program files\warcraft od pepíka\war3.exe] => (Allow) C:\program files\warcraft od pepíka\war3.exe (Blizzard Entertainment) [File not signed]
FirewallRules: [TCP Query User{3ECFDF6A-AFF4-4335-8E26-93EE1E29E33A}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{D59F8990-DA04-4C3E-B7BB-78C120755373}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [{92584F15-76BA-43EB-B29E-95B4CBDA8F1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed\BenAndEd.exe () [File not signed]
FirewallRules: [{38E25EEA-C90C-499D-84E5-62EE8D9470DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed\BenAndEd.exe () [File not signed]
FirewallRules: [{E9EBF142-1737-4B3E-B15B-494450F91815}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [File not signed]
FirewallRules: [{BA222D2C-5E69-451F-A692-FE5D01C208FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ben and Ed - Blood Party\BaEBloodParty.exe () [File not signed]
FirewallRules: [{068E36DD-9610-4F26-A321-FB10DF25287A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UNO Demo\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{C9507E20-3972-40F2-A736-1060342BC9BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\UNO Demo\UNO.exe (Chengdu Ubisoft Software Co., Ltd. -> )
FirewallRules: [{5101314F-649B-448B-B56E-FE6CBF426868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [{D7CDA1C7-0C6B-4F40-B1C4-48FAAE0DE773}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\March of Empires\MOE.exe () [File not signed]
FirewallRules: [TCP Query User{F1F85E12-73AB-4575-B8A9-CCEF6E9FA65E}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [UDP Query User{B0113156-5F73-4645-8508-EA5A3DCB3563}C:\riot games\riot client\riotclientservices.exe] => (Allow) C:\riot games\riot client\riotclientservices.exe (Riot Games, Inc. -> Riot Games, Inc.)
FirewallRules: [TCP Query User{67BD0561-B75E-4C79-84AB-0DB00C0936C6}C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [UDP Query User{861BC72C-E7C1-476B-9305-AF7BD6DE7122}C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ben and ed - blood party\baebloodparty\binaries\win32\baebloodparty.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{30766E00-EF0A-4F6D-AD49-ADB324AF7F40}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [UDP Query User{6AB276FE-AFE9-4D19-8420-949CAE351D44}C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
FirewallRules: [{C52DCA10-F6A7-4969-9873-BC7213168EAE}] => (Allow) C:\Program Files\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{A6EFD419-E046-474D-9267-BA3A573C237E}] => (Allow) C:\Program Files\utorrent.exe (Zdenek Svub -> BitTorrent, Inc.)
FirewallRules: [{4CD0879E-1ED6-4DCA-B0FE-DAD85417741E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AA44A6A6-B087-4FC7-9A50-4AA6021A7733}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0AA75DA4-B7FC-49F0-9195-05C9B93A36CD}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1EE13C3B-43FB-4F9D-A04C-0BCC68C5D66F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F9162D7B-4031-4267-9FE2-8C3B08BEFB35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{3A1CBDEC-8D53-4218-A06D-698169FA64E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Keep Talking and Nobody Explodes\ktane.exe () [File not signed]
FirewallRules: [{C1E8F202-78EE-4E0A-9D5B-6BBF75E7090A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{68892882-5D7F-4ACC-9141-C29757EE8226}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{6C2C9EBE-AC7A-4799-8910-A9A8036C5A95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{0FA70662-63EC-4A61-B480-B95AE4917BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FlatOut2\FlatOut2.exe () [File not signed]
FirewallRules: [{64B818C7-4CC2-44BF-9006-86CEFA6813C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{1CD71B39-235D-43C9-AF79-55C98B90D7AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Zoo 2 Animal Park\zoo2.exe (Unity Technologies ApS) [File not signed]
FirewallRules: [{E49D1AF7-A9BA-47D9-AE26-D14CACFDA865}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{58D54970-42D1-4CA8-8828-7B04DACA05B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{55CAC596-4F0B-4503-B137-60184FDF12BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0DCA3C11-C874-4601-865A-0AB0C5AB470A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0E1AC7F7-5959-43BE-89EE-31CE05129C08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D2C16612-4B92-4776-9AA9-35ADC0BA4388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ADCD6115-663E-4CB0-9A6D-A383FC9FF33C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5A63002-D1F2-45DB-940C-5827A0CB62C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{016C1BEB-0801-439F-868C-A287626C459D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{69918162-3AE6-49AD-8519-C2AAA603F112}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.205.1006.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B92CF8B9-CF60-43C0-A949-1D06D7CCB48B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{494AD965-25CA-417F-8AB0-FE3682827086}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{177D07B1-1F9A-439E-A05F-4FC7F0FAA1E1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F39D8108-9593-49FC-A363-B665AA05CC21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3426.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFF8D682-C433-45D5-8ECD-54F3A3A28F83}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.57\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8181D212-03FB-492D-B00F-9900A21B4FAD}] => (Allow) C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{331214FD-BEE7-4750-88A4-9FDB6171D2E9}] => (Allow) C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{EA1FF99A-B857-46DB-9744-7C3D90830182}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{09C7C1F5-A6FE-4B5A-927A-6F5C24E5BA4F}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1581F7FF-B3A2-4879-81FD-B2D826138B3E}] => (Allow) C:\Program Files\Avast Software\BreachGuard\bgui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{3AD5BF86-16C4-4BF9-BCBC-E90A59ED0C84}] => (Allow) C:\Program Files\Avast Software\BreachGuard\bgui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DF09D5F4-1667-4282-A0AF-A77ED8BB641C}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{6375BB0C-F8FC-496A-8E5B-66DFD401A156}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{921AF530-9603-4F78-A451-B355FE40C97A}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E0368D61-B00D-4599-8AFD-73C4441102C7}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

15-02-2023 15:48:20 Instalační služba modulů systému Windows
15-02-2023 15:48:43 Instalační služba modulů systému Windows
26-02-2023 18:14:46 Naplánovaný kontrolní bod
02-03-2023 20:05:45 AdwCleaner_BeforeCleaning_02/03/2023_20:05:45
02-03-2023 20:28:08 Instalační služba modulů systému Windows
02-03-2023 20:29:02 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/02/2023 04:58:39 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/01/2023 08:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x50ac
Čas spuštění chybující aplikace: 0x01d94c4fcf55e6d6
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: 482cc6fa-3314-47e3-91d3-b8082f6647d0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/01/2023 04:03:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x3854
Čas spuštění chybující aplikace: 0x01d94c4edf90c10a
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: 7aa2a273-c7c4-43e5-bae9-294b7d63117d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/27/2023 09:32:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Název chybujícího modulu: DroidCamApp.exe, verze: 0.0.0.0, časové razítko: 0x61624b41
Kód výjimky: 0xc0000005
Posun chyby: 0x0003a225
ID chybujícího procesu: 0x43d4
Čas spuštění chybující aplikace: 0x01d94ab59c22b6c9
Cesta k chybující aplikaci: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\DroidCam\DroidCamApp.exe
ID zprávy: e0fb7870-af14-4583-a7de-44d7a1b2a09d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/24/2023 10:46:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.2130, časové razítko: 0x463c9bed
Kód výjimky: 0xc000041d
Posun chyby: 0x00005e57
ID chybujícího procesu: 0x1404
Čas spuštění chybující aplikace: 0x01d9487360963dff
Cesta k chybující aplikaci: C:\Program Files\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 75dd2b78-b87f-4506-b989-41216b9ef941
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/23/2023 10:45:37 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (02/23/2023 06:59:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obs64.exe, verze: 29.0.2.0, časové razítko: 0x63de3702
Název chybujícího modulu: obs-browser.dll, verze: 0.0.0.0, časové razítko: 0x63b8a363
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000627e5
ID chybujícího procesu: 0x3218
Čas spuštění chybující aplikace: 0x01d94770b8ae1bf6
Cesta k chybující aplikaci: C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
ID zprávy: ff08da60-0d1c-48ba-9084-fb56dde9bb20
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/21/2023 03:50:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obs64.exe, verze: 29.0.2.0, časové razítko: 0x63de3702
Název chybujícího modulu: obs-browser.dll, verze: 0.0.0.0, časové razítko: 0x63b8a363
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000627e5
ID chybujícího procesu: 0x1be0
Čas spuštění chybující aplikace: 0x01d94534e02fbf9c
Cesta k chybující aplikaci: C:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\obs-studio\obs-plugins\64bit\obs-browser.dll
ID zprávy: d62ccc7a-f415-44c8-a078-92f48ba3a5cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Steam Client Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo Fn and function keys service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Fortemedia APO Control Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2023 08:05:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2023-03-02 21:15:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2023-03-02 17:00:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO EFCN54WW 02/14/2022
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-10300H CPU @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 16291.8 MB
Available physical RAM: 8825.23 MB
Total Virtual: 21411.8 MB
Available Virtual: 12392.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.26 GB) (Free:497.55 GB) (Model: SKHynix_HFS001TD9TNI-L2A0B) NTFS

\\?\Volume{0a407154-9aa0-4e6d-b063-bc0695595013}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{3a67c860-4f4a-07bf-1000-5763d3e2c1e4}\ () (Fixed) (Total:0.01 GB) (Free:0 GB) NTFS
\\?\Volume{a5965ef6-dfcc-44ef-bf59-d6697632a644}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 5412D21F)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Discord account

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\MountPoints2: {65b6c973-48b6-11ec-a27e-841b77978b9f} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3C1C047A-D719-4845-9AB4-97074E7A3711} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {CEF0A94B-202E-4414-A29B-1EA869791D68} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001 => C:\Users\prede\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\ProgramData:err [1116]
AlternateDataStreams: C:\Users\All Users:err [1116]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1116]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk:8F93AA8F75 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk:20903A5BF7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2668]
FirewallRules: [{E49D1AF7-A9BA-47D9-AE26-D14CACFDA865}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{58D54970-42D1-4CA8-8828-7B04DACA05B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:
End
Save it to C:\Users\prede\OneDrive\Plocha as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Back up your important data (mail, contacts, documents, photos, videos, music, etc.) before disinfecting the PC. Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

PredyP
Exemplary visitor
Posts: 1227
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Stolen Discord account

#7 Post by PredyP »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-03-2023
Ran by prede (03-03-2023 20:06:35) Run:1
Running from C:\Users\prede\OneDrive\Plocha
Loaded Profiles: prede
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\...\MountPoints2: {65b6c973-48b6-11ec-a27e-841b77978b9f} - "D:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3C1C047A-D719-4845-9AB4-97074E7A3711} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe PendingTask (No File)
Task: {CEF0A94B-202E-4414-A29B-1EA869791D68} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001 => C:\Users\prede\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (No File)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\ProgramData:err [1116]
AlternateDataStreams: C:\Users\All Users:err [1116]
AlternateDataStreams: C:\ProgramData\Data aplikací:err [1116]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini:B1DA6C571C [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk:8F93AA8F75 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini:41964AA945 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk:20903A5BF7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk:F20EF51E1F [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk:F208FC6732 [3442]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [2668]
FirewallRules: [{E49D1AF7-A9BA-47D9-AE26-D14CACFDA865}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File
FirewallRules: [{58D54970-42D1-4CA8-8828-7B04DACA05B2}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-1812155880-2879728718-321869557-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{65b6c973-48b6-11ec-a27e-841b77978b9f} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3C1C047A-D719-4845-9AB4-97074E7A3711}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C1C047A-D719-4845-9AB4-97074E7A3711}" => removed successfully
C:\Windows\System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TVT\TVSUUpdateTask_UserLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CEF0A94B-202E-4414-A29B-1EA869791D68}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEF0A94B-202E-4414-A29B-1EA869791D68}" => removed successfully
C:\Windows\System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Service Bridge\S-1-5-21-1812155880-2879728718-321869557-1001" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\ProgramData => ":err" ADS removed successfully
"C:\Users\All Users" => ":err" ADS not found.
"C:\ProgramData\Data aplikací" => ":err" ADS not found.
C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini => ":B1DA6C571C" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk => ":8F93AA8F75" ADS removed successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini" => ":41964AA945" ADS not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk => ":BE32D07BC5" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legion Arena.lnk => ":20903A5BF7" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk => ":F20EF51E1F" ADS removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk => ":F208FC6732" ADS removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E49D1AF7-A9BA-47D9-AE26-D14CACFDA865}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{58D54970-42D1-4CA8-8828-7B04DACA05B2}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 112880647 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1105996070 B
Windows/system/drivers => 3526955 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 346834 B
NetworkService => 346834 B
prede => 220778526 B

RecycleBin => 61389 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-03-2023 20:08:02)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:08:02 ====

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Discord account

#8 Post by Rudy »

Deleted; the log should now be OK.

PredyP
Exemplary visitor
Posts: 1227
Registered: 24 May 2007 21:52
Location: Eastern Bohemia

Re: Stolen Discord account

#9 Post by PredyP »

Thank you very much.
:worship: :worship: :worship:

Rudy
Site Admin
Posts: 118243
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stolen Discord account

#10 Post by Rudy »

You're welcome! :)