Requesting a log check: suspected break-in into my PC

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

#1 Post by azareth »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Azareth (administrator) on AZARETH-PC (LENOVO 20091) (20-10-2023 13:31:18)
Running from C:\Users\Azareth\Downloads\FRST64.exe
Loaded Profiles: Azareth
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe ->) (JetBrains s.r.o. -> ) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\lib\pty4j-native\win\x86-64\winpty-agent.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\fsnotifier.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\lib\pty4j-native\win\x86-64\winpty-agent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\helper\helper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <46>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Azareth\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-03-01] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [utweb] => C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe [6418944 2023-08-06] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-01-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-28] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {923317A8-2671-4B9A-8081-65CBC53C8EB4} - System32\Tasks\{53B35AF0-6B3A-4A0A-BBB3-97A8DE7CFD65} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {3F64947B-0BFC-4249-8F30-4A4D2AE60BEF} - System32\Tasks\{90CD3027-AF77-49E0-9F3A-AD9891C3106C} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {18987115-B4F6-4055-80CE-47DBFF185A32} - System32\Tasks\{C966908C-75CA-4106-92A2-F79AA11CA6A1} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe" -d "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)"
Task: {42CCA8EE-2276-4ADC-8291-ADCD1FD8A02B} - System32\Tasks\{DA1F993B-7319-461F-9278-B9D8AB7812A7} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe" -d F:\Office -c C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe /silent /permachine /silent /childprocess /cusid:S-1-5-21-1201691987-3798675826-3542024472-1000
Task: {27E9919E-F8BB-41C1-9135-683FAE6AF2B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6649E94D-1A19-4322-9EAF-C72C6E83F7D9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C4A2D2B9-1433-4075-A2A6-3A768876FD06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C91BEE1E-BC16-45F7-AC90-22A9E538785E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
Task: {5162A659-4F69-4AA1-8CAE-6BAD8CF61603} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {BEDFC920-770E-437F-8F70-86088733828F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {687E0CF6-F8FC-4078-A71F-F1C2F9569251} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2FDAEBD1-A20F-4E82-8071-6B36A9FBFAEB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {AE0EEFD8-37C2-4324-A5D1-6B69707EBDC4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0947491-92A9-43AD-A3D0-647EE26906B9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e12937ae-5955-4604-a50e-a3518a5b1f27" --version "6.17.10746" --silent
Task: {6A4A364E-2141-4984-9051-CD3DB89974B7} - System32\Tasks\CCleanerSkipUAC - Azareth => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5527D957-AE4A-43E8-A770-2CA166124586} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B0D29E00-7FE3-45C3-A026-DC0DB6C9D3F1} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F0909D45-F39D-4EC9-8184-C4EF1B137CE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC5E0655-A474-4152-8FB8-C6C1BF377C68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {949170DE-A988-4FA5-8517-D093D1D4E715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB78676-5E61-45FE-8D86-A668242536B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F9C67D-BA7B-4137-AB30-AFA0F1A6B70B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6243AE14-B145-4E7A-96AA-B78E5E77D444} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
Task: {93548985-FF8C-4C36-A395-088E1B30D8BC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [File not signed]
Task: {5D5501B6-99BD-46B6-9E9D-C9733642A16F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E496C2CC-8100-438D-9FF4-305B94A79E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6570DB5-E2BE-4C5E-AA47-A2FD4CF1F8B0} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Azareth\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3848744 2023-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34366116-F5B1-4C10-BD07-58ADB2E7ADEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A174470-37C1-4EC3-915D-8E49BB9E88E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {808F8A44-EC3C-4BD3-BC62-7546DC571CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDE6BFF-F762-4AEE-B3A3-1925C8751B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {041946D5-DA89-49A5-AD2F-EEF631429721} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A1BD23-864B-44DE-9E12-5D4DBEEA299A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80B9B50A-1D2B-44F2-9D05-C91080F59169} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\Azareth\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-07]

FireFox:
========
FF DefaultProfile: 9ckfsfhp.default
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\9ckfsfhp.default [2020-04-27]
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release [2023-10-20]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release\Extensions\sp@avast.com.xpi [2020-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default [2023-10-20]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (FormApps Extension) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Azareth\AppData\Roaming\Opera Software\Opera Stable [2023-07-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.12.0\ASmartService.exe [2551544 2020-08-02] (Ariolic Software Ltd -> Ariolic Software, Ltd. (hxxp://www.ariolic.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-03-01] (LAVASOFT SOFTWARE CANADA INC -> ) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43016 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2020-04-28] (DT Soft Ltd -> DT Soft Ltd)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [67536 2023-07-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2020-04-28] () [File not signed] [File is in use]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74048 2020-08-04] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U3 al7xo9mw; C:\Windows\System32\Drivers\al7xo9mw.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION [zero byte File/Folder]
U4 npcap_wifi; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-20 13:31 - 2023-10-20 13:32 - 000032316 _____ C:\Users\Azareth\Downloads\FRST.txt
2023-10-17 14:47 - 2023-10-20 13:32 - 000000000 ____D C:\FRST
2023-10-17 14:47 - 2023-10-17 14:47 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64.exe
2023-10-15 20:21 - 2023-10-15 20:30 - 3184589596 _____ C:\Users\Azareth\Downloads\Nepotvrzeno 19152.crdownload
2023-10-14 09:08 - 2023-10-14 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-14 09:05 - 2023-10-14 09:06 - 044112056 _____ (The Git Development Community ) C:\Users\Azareth\Downloads\Git-2.19.2-64-bit.exe
2023-10-12 16:17 - 2023-10-12 16:32 - 012187975 _____ C:\Users\Azareth\Downloads\aircrack-ng-1.7-win.zip
2023-10-12 12:40 - 2023-10-12 12:41 - 001498192 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT (1).pdf
2023-10-10 12:46 - 2023-10-10 12:46 - 000002263 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2023-10-10 12:46 - 2023-10-10 12:46 - 000002255 _____ C:\Users\Azareth\Desktop\Microsoft Teams classic.lnk
2023-10-10 12:36 - 2023-10-10 13:58 - 001497536 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT.pdf
2023-10-10 12:15 - 2023-10-10 12:15 - 009010962 _____ C:\Users\Azareth\Downloads\Predpisy NAKIT.zip
2023-10-06 14:53 - 2023-10-06 14:53 - 009841291 _____ C:\Users\Azareth\Downloads\Smlouva CAIS_A.pdf
2023-10-05 23:08 - 2023-10-05 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Local\WinSparkle
2023-10-05 12:22 - 2023-10-05 12:22 - 000195320 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000014042641903.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000195311 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013719355344.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000194985 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013390863630.pdf
2023-10-05 11:32 - 2023-10-05 11:32 - 000497973 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (2).pdf
2023-10-04 17:44 - 2023-10-04 17:44 - 000522792 _____ C:\Windows\Minidump\100423-12901-01.dmp
2023-10-02 14:14 - 2023-10-02 14:14 - 000211175 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013615339957.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000211022 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013941301191.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000000162 ____H C:\Users\Azareth\Downloads\~$5108000000002188222113_2000013615339957.pdf
2023-10-02 14:13 - 2023-10-02 14:13 - 000210973 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013298338381.pdf
2023-09-29 17:25 - 2023-10-15 21:38 - 000003416 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-10-15 21:38 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-09-29 17:25 - 000000000 ____D C:\Users\Azareth\AppData\Local\OneDrive
2023-09-28 09:32 - 2023-09-28 09:32 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-27 20:19 - 2023-09-27 20:19 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (5).pdf
2023-09-27 15:13 - 2023-09-27 15:13 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (4).pdf
2023-09-26 19:17 - 2023-09-26 19:17 - 036745567 _____ C:\Users\Azareth\Downloads\minikube-installer.exe
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubernetes
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\Program Files\Kubernetes
2023-09-26 14:03 - 2023-09-26 14:03 - 000006260 _____ C:\Users\Azareth\Downloads\BBCPie 23 09 23 Melanie Marie Sauna Temptation XXX 480p MP4-XXX [XC].torrent
2023-09-23 19:53 - 2023-10-02 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Wireshark
2023-09-23 19:52 - 2023-10-15 21:38 - 000003100 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\system32\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Program Files\Npcap
2023-09-23 19:49 - 2023-09-23 19:49 - 000000000 ____D C:\Users\Azareth\Downloads\WiresharkPortable64
2023-09-23 19:47 - 2023-09-23 19:48 - 045811360 _____ (PortableApps.com) C:\Users\Azareth\Downloads\WiresharkPortable64_4.0.8.paf.exe
2023-09-23 19:39 - 2023-09-23 19:39 - 000568128 _____ C:\Windows\Minidump\092323-13384-01.dmp
2023-09-22 14:59 - 2023-09-22 14:59 - 000151405 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202305_8010808982.pdf
2023-09-22 14:59 - 2023-09-22 14:59 - 000151254 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202306_8010808982.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195387 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013081263080.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195327 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012762573297.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000151414 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202304_8010808982.pdf
2023-09-22 14:57 - 2023-09-22 14:57 - 000195178 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012422169327.pdf
2023-09-22 12:27 - 2023-09-22 12:27 - 000211158 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012990785061.pdf
2023-09-22 12:26 - 2023-09-22 12:26 - 000211226 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012636871118.pdf
2023-09-22 12:24 - 2023-09-22 12:25 - 000211262 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012333991923.pdf
2023-09-22 12:18 - 2023-09-22 12:19 - 000155471 _____ C:\Users\Azareth\Downloads\Vypis_z_uctu_0-2188222113_z_20230430.pdf
2023-09-21 13:16 - 2023-09-21 13:16 - 000451142 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (1).pdf
2023-09-20 17:01 - 2023-09-20 17:01 - 000275025 _____ C:\Users\Azareth\Documents\IMG_20230920_0001.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-20 13:05 - 2020-04-27 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-20 12:46 - 2020-09-23 12:22 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Teams
2023-10-20 11:36 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-20 11:36 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-20 11:33 - 2020-04-27 16:09 - 000668850 _____ C:\Windows\system32\perfh005.dat
2023-10-20 11:33 - 2020-04-27 16:09 - 000141464 _____ C:\Windows\system32\perfc005.dat
2023-10-20 11:33 - 2009-07-14 07:13 - 001583374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-20 11:33 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-10-20 11:27 - 2023-09-02 10:45 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\uTorrent Web
2023-10-20 11:27 - 2023-06-30 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-20 11:27 - 2021-08-19 17:11 - 000000000 ____D C:\Users\Azareth\AppData\Local\BitTorrentHelper
2023-10-20 11:27 - 2020-04-28 17:53 - 000000000 ____D C:\Program Files\CCleaner
2023-10-20 11:27 - 2020-04-27 15:26 - 000356217 _____ C:\Windows\system32\fastboot.set
2023-10-20 11:26 - 2020-10-05 20:56 - 000000000 ___HD C:\ProgramData\ActiveSMART
2023-10-20 11:26 - 2020-04-27 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-20 11:26 - 2020-04-27 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-20 11:26 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-20 11:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-19 17:59 - 2021-05-23 11:45 - 000000000 ____D C:\Users\Azareth\AppData\Local\Avast Software
2023-10-19 17:40 - 2022-10-20 17:40 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-19 12:17 - 2022-11-02 13:36 - 000003360 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-19 12:17 - 2020-04-28 17:53 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-18 11:30 - 2020-11-14 19:57 - 000000400 __RSH C:\ProgramData\ntuser.pol
2023-10-17 19:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2023-10-17 13:37 - 2020-04-30 17:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:36 - 2022-10-31 14:49 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-10-15 21:38 - 2023-07-01 16:44 - 000003694 _____ C:\Windows\system32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-10-15 21:38 - 2022-07-23 11:04 - 000003856 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-15 21:38 - 2021-08-19 17:06 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Azareth
2023-10-15 21:38 - 2021-06-20 20:41 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-15 21:38 - 2021-06-20 20:41 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-28 17:54 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-10-15 21:38 - 2020-04-28 17:53 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-28 17:53 - 000003310 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 19:28 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-27 19:28 - 000003554 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 16:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-10-14 09:08 - 2020-10-06 21:37 - 000000000 ____D C:\Program Files\Git
2023-10-14 09:08 - 2020-10-06 21:14 - 000000000 ____D C:\ProgramData\Git
2023-10-12 02:57 - 2020-04-30 08:00 - 000000000 ____D C:\Windows\system32\MRT
2023-10-12 02:52 - 2020-04-30 08:00 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 13:53 - 2020-04-28 11:51 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Word
2023-10-09 18:06 - 2020-04-27 19:17 - 000000000 ____D C:\Users\Azareth\AppData\Local\CrashDumps
2023-10-05 22:22 - 2020-10-26 19:34 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Code
2023-10-04 17:44 - 2023-07-07 22:55 - 723126580 _____ C:\Windows\MEMORY.DMP
2023-10-04 17:44 - 2020-07-05 09:28 - 000000000 ____D C:\Windows\Minidump
2023-10-02 14:16 - 2020-05-07 08:28 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-29 17:25 - 2020-04-28 09:45 - 000002126 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2023-09-28 09:32 - 2020-10-15 19:48 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-25 14:29 - 2023-08-03 13:38 - 000000905 _____ C:\Users\Public\Desktop\ChatGPT.lnk
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChatGPT
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\Program Files\ChatGPT
2023-09-22 15:01 - 2020-11-30 18:02 - 000000000 ____D C:\Users\Azareth\Desktop\Atyla

==================== Files in the root of some directories ========

2020-07-26 16:04 - 2020-07-26 18:45 - 000000128 _____ () C:\Users\Azareth\AppData\Roaming\winscp.rnd
2020-04-28 08:07 - 2020-04-28 08:07 - 000001500 _____ () C:\Users\Azareth\AppData\Local\PDLSetup.20200428.080709.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-10-20 00:00
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, suspected PC break-in

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

Close all programs
Accept the license terms (EULA) by clicking I agree
Right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a double-click)
Click Scan now, then Clean and Repair
After the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Re: Please check my log, suspected PC break-in

#3 Post by azareth »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-20-2023
# Duration: 00:00:04
# OS: Windows 7 Service Pack 1
# Cleaned: 18
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Azareth\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Azareth\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|UninstallString
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4204 octets] - [20/10/2023 21:00:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, suspected PC break-in

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Re: Please check my log, suspected PC break-in

#5 Post by azareth »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Azareth (21-10-2023 18:23:31)
Running from C:\Users\Azareth\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2020-04-27 13:25:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1201691987-3798675826-3542024472-500 - Administrator - Disabled)
Azareth (S-1-5-21-1201691987-3798675826-3542024472-1000 - Administrator - Enabled) => C:\Users\Azareth
Guest (S-1-5-21-1201691987-3798675826-3542024472-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
ActiveSMART (HKLM-x32\...\ActiveSMART) (Version: 2.12.0 - Ariolic Software, Ltd.)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.006.20360 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AdoptOpenJDK JDK with Hotspot 15.0.0.36 (x64) (HKLM\...\{6FD8794F-74A7-4D10-95C0-0908CFDD571B}) (Version: 15.0.0.36 - AdoptOpenJDK)
Apache NetBeans IDE 12.1 (HKLM\...\nbi-nb-all-12.1.0.0.200825) (Version: 12.1 - Apache NetBeans)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\btweb) (Version: 1.3.0 - Rainberry, Inc.)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.0.1062 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\BlueStacks X) (Version: 0.17.1.1 - BlueStack Systems, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{F2205345-FA8D-474F-A2D9-FB31DB9663DF}) (Version: 12.32.01 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 109.0.19987.122 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Total Pack (HKLM-x32\...\DivX Total Pack) (Version: - )
Docker Toolbox version 19.03.1 (HKLM\...\{FC4417F0-D7F3-48DB-BCE1-F5ED5BAFFD91}_is1) (Version: 19.03.1 - Docker)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
Git version 2.19.2 (HKLM\...\Git_is1) (Version: 2.19.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\GitHubDesktop) (Version: 2.7.1 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
ChatGPT (HKLM\...\{DB96D069-D23D-4B36-BC7C-949F4D9B06E7}) (Version: 1.1.0 - lencx)
inSSIDer (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\inSSIDer) (Version: 5.5.0 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.2.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.2.2) (Version: 212.5284.40 - JetBrains s.r.o.)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kubernetes - Minikube - A Local Kubernetes Development Environment (HKLM-x32\...\Kubernetes Minikube) (Version: 1.31.2 - Kubernetes)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Office Standard 2016 - cs-cz (HKLM\...\StandardRetail - cs-cz) (Version: 16.0.12527.22286 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{c60894d7-4f03-4ab0-9087-8f08eaa7e605}) (Version: 2.86.902.0 - Microsoft Corporation) Hidden
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{faca4f6e-ba68-429d-80e5-6699b9fa8601}) (Version: 2.86.902.0 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Teams) (Version: 1.6.00.27573 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.70.3 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.76 - Nmap Project)
NVIDIA 3D Vision Controller Driver (HKLM-x32\...\NVIDIA StereoUSB Driver) (Version: 266.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.53.154 (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeForceNOW) (Version: 2.0.53.154 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Pilulka (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\7956b9e08e731279722fe8fef4672f96) (Version: 1.0 - Google\Chrome)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Python 3.8.6 (64-bit) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{fef707d7-d438-4dd9-bb0f-5788ee658f4f}) (Version: 3.8.6150.0 - Python Software Foundation)
Python 3.8.6 Add to Path (64-bit) (HKLM\...\{0CD35A78-6567-46C1-BC82-E258D6C3D66C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Core Interpreter (64-bit) (HKLM\...\{DE282FFC-F4AD-416A-8479-F3C72F94C967}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM\...\{59704C10-77A1-4D72-A97B-8FB2A933985B}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM\...\{558E2EFE-87D5-4E3F-B050-D4DEC548EA02}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM\...\{7F55BD37-4437-47EE-8C82-3103E19DB114}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM\...\{28B1EC39-1C9F-482C-BFF7-4D347CE5ADED}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM\...\{04BA74DE-13BE-477C-8FE5-19F247C0D555}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM\...\{79C40B8F-BC99-4FFF-8E1E-F05D246E772C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM\...\{3968C4C7-904D-4571-BC22-1CD8B87549D7}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM\...\{0A041F8F-4124-46CC-B021-AB8E70A873EC}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B82A91D-DB48-4160-94D2-0B8C6D2B1710}) (Version: 3.8.7205.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarLeaf (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\StarLeaf) (Version: - StarLeaf)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
uTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WinSCP 5.17.7 (HKLM-x32\...\winscp3_is1) (Version: 5.17.7 - Martin Prikryl)
Wondershare Filmora 12(Build 12.3.7.2586) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM\...\xampp) (Version: 7.4.11-0 - Bitnami)
Zoom (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23241.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1201691987-3798675826-3542024472-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Hacked With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Azareth\Desktop\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\Desktop\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn

==================== Loaded Modules (Whitelisted) =============

2023-08-17 15:17 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-08-17 15:17 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000114176 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_ctypes.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000172544 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_elementtree.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 002255872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_hashlib.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000032256 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_multiprocessing.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000046080 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_psutil_windows.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000047616 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_socket.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 002825216 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_ssl.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000026112 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_yappi.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000080896 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\bz2.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000015872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\common.time34.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000007680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\hashobjs_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000301568 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\PIL._imaging.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000168448 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pyexpat.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001084416 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pysqlite2._sqlite.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000548864 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pythoncom27.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000137728 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pywintypes27.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000010752 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\select.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000020992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\thumbnails_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000689664 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\unicodedata.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000119808 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\usb_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000128512 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32api.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000438784 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32com.shell.shell.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000011776 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32crypt.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000023040 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32event.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000149504 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32file.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000223232 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32gui.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000048128 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32inet.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000029696 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32pdh.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000027648 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32pipe.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000044032 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32process.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000020480 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32profile.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000136192 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32security.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000026624 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32ts.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000034304 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.conditional.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000037888 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.connectivity.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000071680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.device_monitor.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000103936 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.volumes.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000019968 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.winwrap.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001325056 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._controls_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001489408 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._core_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001007104 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._gdi_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000103424 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._html2.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000916992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._misc_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001039872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._windows_.pyd
2023-08-06 23:51 - 2023-08-06 23:51 - 001490944 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avcodec-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000949248 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avformat-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000635392 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avutil-56.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000153088 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\swresample-3.dll
2020-05-07 08:33 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2022-01-27 12:15 - 2015-06-17 17:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-01-27 12:15 - 2015-06-17 17:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-05-07 08:33 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\MSVCP140.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\ucrtbase.DLL
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\VCRUNTIME140.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\VCRUNTIME140_1.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\python27.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libcrypto-1_1.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libssl-1_1.dll
2023-08-17 15:17 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxbase30u_net_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxbase30u_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_adv_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_core_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_html_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Azareth\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Azareth\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\AdoptOpenJDK\jdk-15.0.0.36-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Git\cmd
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3D0169D-E423-43B2-A9F1-82D90F808499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{268EA943-A9F5-4B03-BC00-58EE35917216}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4463F500-2E0E-4F6F-8317-41CF5057EB01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEB87C4F-A862-4427-BD38-98C097439763}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{40B8E80C-C3FE-43BA-8A78-E56D8390219D}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{64E36E68-B8EE-40AA-9C6C-123EADC1BBC5}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DEA8167A-1DD6-4FC4-B907-31D1B99F3F0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29FE9DDE-2341-4A34-8D18-1770CD73DC70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{85B1774B-9F32-445F-B1C3-7C4BFF611B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{457DDB9B-5BCC-4189-A55A-44AF713435BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E69DB11A-1521-488C-A187-1B3F8E6B3C25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66EC055D-F17B-4856-8DA8-AD5C3D757A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BE4A71F-AD12-4F0C-BD72-74758AD786D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9BF44AF-E01A-42B5-92FA-EFC16537B726}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B069DFCE-538A-4B1E-A017-4A553267608F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E3F6726-D520-408B-9250-22675EAB349A}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E60BE4A2-1AAE-46FC-81A2-E36E43A8835E}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F2D8D5DB-01E4-40D3-B147-87AC027934FC}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{8BCC844E-D4D4-4748-AEE0-7DBFB89AC5F9}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{E84DCF75-7CEC-455D-88A4-83108691E79F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{047E92EF-36A3-4441-B0F9-1A06FD0C5A9C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{06C84385-989D-4978-B3E2-D70937FF0E5D}] => (Allow) LPort=80
FirewallRules: [{7253B2E0-BDED-4CBF-AC8B-26085B50EFC4}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{686E685E-6D13-4B46-A210-CE0F2303876F}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{5315001D-1954-4B22-9BA6-285801726CCE}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E323FD69-B750-4D16-BA26-5B79559194C2}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55B5EFDC-96FC-46E2-B2A0-183A8BA12BFE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AB48081-31EB-4932-9AF1-CB654AA10E54}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2D306FA-F535-49A2-B4FE-01D77D0764CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F2F0CAFB-F961-423C-B600-B30790B57C30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{81E48AEF-C282-450A-9864-449D2F2D78B9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{7724F964-2B78-43A9-8420-BDC72F05B43D}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{8F4A44DA-32E8-4D56-B293-618094546E94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0EFD3AC2-E653-4DD7-A984-97C670C66D98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7F7706E0-7590-47DC-9E6E-0A825F6EA77E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12850751-BA5C-42A2-9788-4AAA6ED97C8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0513F4D-4AFA-437E-9637-0559A706D8C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8CD2F793-F1DA-4C7C-8FB9-C707F2DD68A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A504E568-F569-40C2-B523-9E1C09520060}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{77C1F7EF-8F66-4AA3-8DD9-CE80E5649313}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{3CFF67EF-872A-46BB-9F6C-B26C03760541}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{068762B1-7D91-4A67-BBC7-2A1668DB12E8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5DEC74BC-F458-4274-91DB-D7CA5F479AEA}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{31036023-DD38-41B3-96E9-B8904E31A245}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{233F3575-972F-4593-95FC-1E8D110CA082}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7F01701-40F2-44E4-91FF-77F2E2B82866}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A4214290-C2BE-4605-84F6-1F0E7C06FC14}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C573431D-6297-4F10-B463-D4F0B5C2DE2C}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7FF8DEC8-397B-43C5-8DD7-63C5D0E7EFC6}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07EAE3FA-5D2B-4831-B0F1-5C5B9F8D240E}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{1BC5E4DC-689F-40EC-9C25-A32A7689C132}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{489A8295-0D52-4BF4-A054-A50E523A7C48}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{3355ECED-70C8-42EE-8215-BF7719056904}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{687AE984-3D1B-4D23-BE0D-344FD74BF811}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{FE68F7C5-FE57-4FFE-834F-EF01D6571919}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{75B11104-2A44-48ED-BA37-ED62A780A296}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [TCP Query User{0D1B9709-71ED-4A82-AFF0-EBC6AF4D8B1A}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{B8821249-2A57-4F8B-8881-0CF245F0AE01}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF5D316F-A085-4A2B-AAAA-0A9E42486166}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{FBE1976B-05A5-4F39-95EE-D6F99F386EE1}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9456E5CE-8F7F-42B8-8A26-6793EB108529}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [UDP Query User{28270238-FA7E-484E-9110-3083CC87C683}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [{A7723DCC-7340-40D3-BA86-A2CB3710DD42}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-10-2023 16:12:33 Scheduled Checkpoint
12-10-2023 02:52:21 Windows Update
20-10-2023 00:07:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: VirtualBox Bridged Networking Driver Miniport #7
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/21/2023 04:45:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/21/2023 09:11:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/20/2023 11:26:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:13 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:12 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:12 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 06:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (10/21/2023 06:26:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/21/2023 04:46:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/21/2023 04:45:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (10/21/2023 04:45:46 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/21/2023 09:12:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/21/2023 09:11:44 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (10/21/2023 09:11:41 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/21/2023 09:11:41 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


==================== Memory info ===========================

BIOS: LENOVO 47CN30WW(V2.08) 08/01/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 88%
Total physical RAM: 8135.86 MB
Available physical RAM: 974.77 MB
Total Virtual: 16269.86 MB
Available Virtual: 4589.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:9.83 GB) (Model: KINGSTON SA400S37240G ATA Device) NTFS
Drive d: () (Fixed) (Total:29.82 GB) (Free:3.02 GB) (Model: SAMSUNG MMCRE32GEDXP-MVBL1 ATA Device) NTFS

\\?\Volume{0c0fbdce-888a-11ea-afec-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E1E2FABC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 6A205247)
No partition Table on disk 1.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, suspected intrusion into the PC

#6 Post by Rudy »

Where is the FRST log? This is only the Addition.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

azareth
Visitor
Posts: 14
Registered: 02 Nov 2018 12:27

Re: Please check my log, suspected intrusion into the PC

#7 Post by azareth »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Azareth (administrator) on AZARETH-PC (LENOVO 20091) (21-10-2023 18:22:16)
Running from C:\Users\Azareth\Downloads\FRST64 (1).exe
Loaded Profiles: Azareth
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\helper\helper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Azareth\AppData\Local\Microsoft\Teams\current\Teams.exe <6>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Azareth\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [utweb] => C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe [6418944 2023-08-06] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-01-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-28] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {923317A8-2671-4B9A-8081-65CBC53C8EB4} - System32\Tasks\{53B35AF0-6B3A-4A0A-BBB3-97A8DE7CFD65} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {3F64947B-0BFC-4249-8F30-4A4D2AE60BEF} - System32\Tasks\{90CD3027-AF77-49E0-9F3A-AD9891C3106C} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {18987115-B4F6-4055-80CE-47DBFF185A32} - System32\Tasks\{C966908C-75CA-4106-92A2-F79AA11CA6A1} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe" -d "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)"
Task: {42CCA8EE-2276-4ADC-8291-ADCD1FD8A02B} - System32\Tasks\{DA1F993B-7319-461F-9278-B9D8AB7812A7} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe" -d F:\Office -c C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe /silent /permachine /silent /childprocess /cusid:S-1-5-21-1201691987-3798675826-3542024472-1000
Task: {27E9919E-F8BB-41C1-9135-683FAE6AF2B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6649E94D-1A19-4322-9EAF-C72C6E83F7D9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C4A2D2B9-1433-4075-A2A6-3A768876FD06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C91BEE1E-BC16-45F7-AC90-22A9E538785E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
Task: {5162A659-4F69-4AA1-8CAE-6BAD8CF61603} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {BEDFC920-770E-437F-8F70-86088733828F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {687E0CF6-F8FC-4078-A71F-F1C2F9569251} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2FDAEBD1-A20F-4E82-8071-6B36A9FBFAEB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {AE0EEFD8-37C2-4324-A5D1-6B69707EBDC4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0947491-92A9-43AD-A3D0-647EE26906B9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e12937ae-5955-4604-a50e-a3518a5b1f27" --version "6.17.10746" --silent
Task: {6A4A364E-2141-4984-9051-CD3DB89974B7} - System32\Tasks\CCleanerSkipUAC - Azareth => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5527D957-AE4A-43E8-A770-2CA166124586} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B0D29E00-7FE3-45C3-A026-DC0DB6C9D3F1} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F0909D45-F39D-4EC9-8184-C4EF1B137CE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC5E0655-A474-4152-8FB8-C6C1BF377C68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {949170DE-A988-4FA5-8517-D093D1D4E715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB78676-5E61-45FE-8D86-A668242536B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F9C67D-BA7B-4137-AB30-AFA0F1A6B70B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6243AE14-B145-4E7A-96AA-B78E5E77D444} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
Task: {93548985-FF8C-4C36-A395-088E1B30D8BC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [File not signed]
Task: {5D5501B6-99BD-46B6-9E9D-C9733642A16F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E496C2CC-8100-438D-9FF4-305B94A79E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6570DB5-E2BE-4C5E-AA47-A2FD4CF1F8B0} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Azareth\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3848744 2023-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34366116-F5B1-4C10-BD07-58ADB2E7ADEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A174470-37C1-4EC3-915D-8E49BB9E88E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {808F8A44-EC3C-4BD3-BC62-7546DC571CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDE6BFF-F762-4AEE-B3A3-1925C8751B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {041946D5-DA89-49A5-AD2F-EEF631429721} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A1BD23-864B-44DE-9E12-5D4DBEEA299A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80B9B50A-1D2B-44F2-9D05-C91080F59169} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\Azareth\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-07]

FireFox:
========
FF DefaultProfile: 9ckfsfhp.default
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\9ckfsfhp.default [2020-04-27]
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release [2023-10-21]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release\Extensions\sp@avast.com.xpi [2020-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default [2023-10-21]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (FormApps Extension) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Azareth\AppData\Roaming\Opera Software\Opera Stable [2023-07-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.12.0\ASmartService.exe [2551544 2020-08-02] (Ariolic Software Ltd -> Ariolic Software, Ltd. (hxxp://www.ariolic.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43016 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2020-04-28] (DT Soft Ltd -> DT Soft Ltd)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [67536 2023-07-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2020-04-28] () [File not signed] [File is in use]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74048 2020-08-04] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U3 ahoikiaj; C:\Windows\System32\Drivers\ahoikiaj.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
U4 npcap_wifi; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-21 18:20 - 2023-10-21 18:21 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64 (1).exe
2023-10-20 20:58 - 2023-10-20 21:02 - 000000000 ____D C:\AdwCleaner
2023-10-20 20:58 - 2023-10-20 20:58 - 008791352 _____ (Malwarebytes) C:\Users\Azareth\Downloads\adwcleaner.exe
2023-10-20 13:32 - 2023-10-20 13:37 - 000070080 _____ C:\Users\Azareth\Downloads\Addition.txt
2023-10-20 13:31 - 2023-10-21 18:23 - 000031532 _____ C:\Users\Azareth\Downloads\FRST.txt
2023-10-17 14:47 - 2023-10-21 18:22 - 000000000 ____D C:\FRST
2023-10-17 14:47 - 2023-10-17 14:47 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64.exe
2023-10-15 20:21 - 2023-10-15 20:30 - 3184589596 _____ C:\Users\Azareth\Downloads\Nepotvrzeno 19152.crdownload
2023-10-14 09:08 - 2023-10-14 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-14 09:05 - 2023-10-14 09:06 - 044112056 _____ (The Git Development Community ) C:\Users\Azareth\Downloads\Git-2.19.2-64-bit.exe
2023-10-12 16:17 - 2023-10-12 16:32 - 012187975 _____ C:\Users\Azareth\Downloads\aircrack-ng-1.7-win.zip
2023-10-12 12:40 - 2023-10-12 12:41 - 001498192 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT (1).pdf
2023-10-10 12:46 - 2023-10-10 12:46 - 000002263 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2023-10-10 12:46 - 2023-10-10 12:46 - 000002255 _____ C:\Users\Azareth\Desktop\Microsoft Teams classic.lnk
2023-10-10 12:36 - 2023-10-10 13:58 - 001497536 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT.pdf
2023-10-10 12:15 - 2023-10-10 12:15 - 009010962 _____ C:\Users\Azareth\Downloads\Predpisy NAKIT.zip
2023-10-06 14:53 - 2023-10-06 14:53 - 009841291 _____ C:\Users\Azareth\Downloads\Smlouva CAIS_A.pdf
2023-10-05 23:08 - 2023-10-05 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Local\WinSparkle
2023-10-05 12:22 - 2023-10-05 12:22 - 000195320 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000014042641903.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000195311 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013719355344.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000194985 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013390863630.pdf
2023-10-05 11:32 - 2023-10-05 11:32 - 000497973 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (2).pdf
2023-10-04 17:44 - 2023-10-04 17:44 - 000522792 _____ C:\Windows\Minidump\100423-12901-01.dmp
2023-10-02 14:14 - 2023-10-02 14:14 - 000211175 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013615339957.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000211022 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013941301191.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000000162 ____H C:\Users\Azareth\Downloads\~$5108000000002188222113_2000013615339957.pdf
2023-10-02 14:13 - 2023-10-02 14:13 - 000210973 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013298338381.pdf
2023-09-29 17:25 - 2023-10-15 21:38 - 000003416 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-10-15 21:38 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-09-29 17:25 - 000000000 ____D C:\Users\Azareth\AppData\Local\OneDrive
2023-09-28 09:32 - 2023-09-28 09:32 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-27 20:19 - 2023-09-27 20:19 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (5).pdf
2023-09-27 15:13 - 2023-09-27 15:13 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (4).pdf
2023-09-26 19:17 - 2023-09-26 19:17 - 036745567 _____ C:\Users\Azareth\Downloads\minikube-installer.exe
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubernetes
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\Program Files\Kubernetes
2023-09-26 14:03 - 2023-09-26 14:03 - 000006260 _____ C:\Users\Azareth\Downloads\BBCPie 23 09 23 Melanie Marie Sauna Temptation XXX 480p MP4-XXX [XC].torrent
2023-09-23 19:53 - 2023-10-02 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Wireshark
2023-09-23 19:52 - 2023-10-15 21:38 - 000003100 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\system32\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Program Files\Npcap
2023-09-23 19:49 - 2023-09-23 19:49 - 000000000 ____D C:\Users\Azareth\Downloads\WiresharkPortable64
2023-09-23 19:47 - 2023-09-23 19:48 - 045811360 _____ (PortableApps.com) C:\Users\Azareth\Downloads\WiresharkPortable64_4.0.8.paf.exe
2023-09-23 19:39 - 2023-09-23 19:39 - 000568128 _____ C:\Windows\Minidump\092323-13384-01.dmp
2023-09-22 14:59 - 2023-09-22 14:59 - 000151405 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202305_8010808982.pdf
2023-09-22 14:59 - 2023-09-22 14:59 - 000151254 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202306_8010808982.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195387 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013081263080.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195327 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012762573297.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000151414 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202304_8010808982.pdf
2023-09-22 14:57 - 2023-09-22 14:57 - 000195178 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012422169327.pdf
2023-09-22 12:27 - 2023-09-22 12:27 - 000211158 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012990785061.pdf
2023-09-22 12:26 - 2023-09-22 12:26 - 000211226 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012636871118.pdf
2023-09-22 12:24 - 2023-09-22 12:25 - 000211262 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012333991923.pdf
2023-09-22 12:18 - 2023-09-22 12:19 - 000155471 _____ C:\Users\Azareth\Downloads\Vypis_z_uctu_0-2188222113_z_20230430.pdf
2023-09-21 13:16 - 2023-09-21 13:16 - 000451142 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-21 18:22 - 2023-09-02 10:45 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\uTorrent Web
2023-10-21 18:14 - 2023-06-30 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-21 18:05 - 2020-04-27 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-21 17:40 - 2022-10-20 17:40 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-21 17:26 - 2020-09-23 12:22 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Teams
2023-10-21 16:53 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-21 16:53 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-21 16:51 - 2020-04-27 16:09 - 000668850 _____ C:\Windows\system32\perfh005.dat
2023-10-21 16:51 - 2020-04-27 16:09 - 000141464 _____ C:\Windows\system32\perfc005.dat
2023-10-21 16:51 - 2009-07-14 07:13 - 001583374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-21 16:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-10-21 16:46 - 2021-08-19 17:11 - 000000000 ____D C:\Users\Azareth\AppData\Local\BitTorrentHelper
2023-10-21 16:46 - 2020-04-27 15:26 - 000387207 _____ C:\Windows\system32\fastboot.set
2023-10-21 16:45 - 2020-11-14 19:57 - 000000400 __RSH C:\ProgramData\ntuser.pol
2023-10-21 16:45 - 2020-10-05 20:56 - 000000000 ___HD C:\ProgramData\ActiveSMART
2023-10-21 16:45 - 2020-04-28 17:53 - 000000000 ____D C:\Program Files\CCleaner
2023-10-21 16:45 - 2020-04-27 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-21 16:45 - 2020-04-27 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-21 16:45 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-21 16:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-20 21:03 - 2020-10-26 19:34 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Code
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Local\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-10-20 20:30 - 2020-08-14 16:46 - 000000000 ____D C:\Users\Public\BBCPie - Chloe Temple - Creamed Skater Girl
2023-10-19 17:59 - 2021-05-23 11:45 - 000000000 ____D C:\Users\Azareth\AppData\Local\Avast Software
2023-10-19 12:17 - 2022-11-02 13:36 - 000003360 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-19 12:17 - 2020-04-28 17:53 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-17 19:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2023-10-17 13:37 - 2020-04-30 17:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:36 - 2022-10-31 14:49 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-10-15 21:38 - 2023-07-01 16:44 - 000003694 _____ C:\Windows\system32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-10-15 21:38 - 2022-07-23 11:04 - 000003856 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-15 21:38 - 2021-08-19 17:06 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Azareth
2023-10-15 21:38 - 2021-06-20 20:41 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-15 21:38 - 2021-06-20 20:41 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-28 17:54 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-10-15 21:38 - 2020-04-28 17:53 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-28 17:53 - 000003310 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 19:28 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-27 19:28 - 000003554 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 16:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-10-14 09:08 - 2020-10-06 21:37 - 000000000 ____D C:\Program Files\Git
2023-10-14 09:08 - 2020-10-06 21:14 - 000000000 ____D C:\ProgramData\Git
2023-10-12 02:57 - 2020-04-30 08:00 - 000000000 ____D C:\Windows\system32\MRT
2023-10-12 02:52 - 2020-04-30 08:00 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 13:53 - 2020-04-28 11:51 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Word
2023-10-09 18:06 - 2020-04-27 19:17 - 000000000 ____D C:\Users\Azareth\AppData\Local\CrashDumps
2023-10-04 17:44 - 2023-07-07 22:55 - 723126580 _____ C:\Windows\MEMORY.DMP
2023-10-04 17:44 - 2020-07-05 09:28 - 000000000 ____D C:\Windows\Minidump
2023-10-02 14:16 - 2020-05-07 08:28 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-29 17:25 - 2020-04-28 09:45 - 000002126 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2023-09-28 09:32 - 2020-10-15 19:48 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-25 14:29 - 2023-08-03 13:38 - 000000905 _____ C:\Users\Public\Desktop\ChatGPT.lnk
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChatGPT
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\Program Files\ChatGPT
2023-09-22 15:01 - 2020-11-30 18:02 - 000000000 ____D C:\Users\Azareth\Desktop\Atyla

==================== Files in the root of some directories ========

2020-07-26 16:04 - 2020-07-26 18:45 - 000000128 _____ () C:\Users\Azareth\AppData\Roaming\winscp.rnd
2020-04-28 08:07 - 2020-04-28 08:07 - 000001500 _____ () C:\Users\Azareth\AppData\Local\PDLSetup.20200428.080709.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-10-20 00:00
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log, suspected break-in to my PC

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File
C:\Users\Azareth\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Azareth\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Azareth\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
FirewallRules: [{85B1774B-9F32-445F-B1C3-7C4BFF611B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{457DDB9B-5BCC-4189-A55A-44AF713435BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{81E48AEF-C282-450A-9864-449D2F2D78B9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{7724F964-2B78-43A9-8420-BDC72F05B43D}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{5DEC74BC-F458-4274-91DB-D7CA5F479AEA}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{31036023-DD38-41B3-96E9-B8904E31A245}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{FE68F7C5-FE57-4FFE-834F-EF01D6571919}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{75B11104-2A44-48ED-BA37-ED62A780A296}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
F Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U4 npcap_wifi; no ImagePath

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
