VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Azareth (administrator) on AZARETH-PC (LENOVO 20091) (20-10-2023 13:31:18)
Running from C:\Users\Azareth\Downloads\FRST64.exe
Loaded Profiles: Azareth
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe ->) (JetBrains s.r.o. -> ) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\lib\pty4j-native\win\x86-64\winpty-agent.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\fsnotifier.exe
(C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\lib\pty4j-native\win\x86-64\winpty-agent.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\helper\helper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <46>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (JetBrains s.r.o. -> JetBrains s.r.o.) C:\Program Files\JetBrains\IntelliJ IDEA Community Edition 2021.2.2\bin\idea64.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Azareth\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8520168 2021-03-01] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [utweb] => C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe [6418944 2023-08-06] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-01-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-28] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {923317A8-2671-4B9A-8081-65CBC53C8EB4} - System32\Tasks\{53B35AF0-6B3A-4A0A-BBB3-97A8DE7CFD65} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {3F64947B-0BFC-4249-8F30-4A4D2AE60BEF} - System32\Tasks\{90CD3027-AF77-49E0-9F3A-AD9891C3106C} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {18987115-B4F6-4055-80CE-47DBFF185A32} - System32\Tasks\{C966908C-75CA-4106-92A2-F79AA11CA6A1} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe" -d "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)"
Task: {42CCA8EE-2276-4ADC-8291-ADCD1FD8A02B} - System32\Tasks\{DA1F993B-7319-461F-9278-B9D8AB7812A7} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe" -d F:\Office -c C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe /silent /permachine /silent /childprocess /cusid:S-1-5-21-1201691987-3798675826-3542024472-1000
Task: {27E9919E-F8BB-41C1-9135-683FAE6AF2B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6649E94D-1A19-4322-9EAF-C72C6E83F7D9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C4A2D2B9-1433-4075-A2A6-3A768876FD06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C91BEE1E-BC16-45F7-AC90-22A9E538785E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
Task: {5162A659-4F69-4AA1-8CAE-6BAD8CF61603} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {BEDFC920-770E-437F-8F70-86088733828F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {687E0CF6-F8FC-4078-A71F-F1C2F9569251} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2FDAEBD1-A20F-4E82-8071-6B36A9FBFAEB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {AE0EEFD8-37C2-4324-A5D1-6B69707EBDC4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0947491-92A9-43AD-A3D0-647EE26906B9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e12937ae-5955-4604-a50e-a3518a5b1f27" --version "6.17.10746" --silent
Task: {6A4A364E-2141-4984-9051-CD3DB89974B7} - System32\Tasks\CCleanerSkipUAC - Azareth => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5527D957-AE4A-43E8-A770-2CA166124586} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B0D29E00-7FE3-45C3-A026-DC0DB6C9D3F1} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F0909D45-F39D-4EC9-8184-C4EF1B137CE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC5E0655-A474-4152-8FB8-C6C1BF377C68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {949170DE-A988-4FA5-8517-D093D1D4E715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB78676-5E61-45FE-8D86-A668242536B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F9C67D-BA7B-4137-AB30-AFA0F1A6B70B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6243AE14-B145-4E7A-96AA-B78E5E77D444} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
Task: {93548985-FF8C-4C36-A395-088E1B30D8BC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [File not signed]
Task: {5D5501B6-99BD-46B6-9E9D-C9733642A16F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E496C2CC-8100-438D-9FF4-305B94A79E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6570DB5-E2BE-4C5E-AA47-A2FD4CF1F8B0} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Azareth\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3848744 2023-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34366116-F5B1-4C10-BD07-58ADB2E7ADEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A174470-37C1-4EC3-915D-8E49BB9E88E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {808F8A44-EC3C-4BD3-BC62-7546DC571CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDE6BFF-F762-4AEE-B3A3-1925C8751B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {041946D5-DA89-49A5-AD2F-EEF631429721} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A1BD23-864B-44DE-9E12-5D4DBEEA299A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80B9B50A-1D2B-44F2-9D05-C91080F59169} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\Azareth\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-07]

FireFox:
========
FF DefaultProfile: 9ckfsfhp.default
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\9ckfsfhp.default [2020-04-27]
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release [2023-10-20]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release\Extensions\sp@avast.com.xpi [2020-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default [2023-10-20]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (FormApps Extension) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Azareth\AppData\Roaming\Opera Software\Opera Stable [2023-07-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.12.0\ASmartService.exe [2551544 2020-08-02] (Ariolic Software Ltd -> Ariolic Software, Ltd. (hxxp://www.ariolic.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-03-01] (LAVASOFT SOFTWARE CANADA INC -> ) <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43016 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2020-04-28] (DT Soft Ltd -> DT Soft Ltd)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [67536 2023-07-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2020-04-28] () [File not signed] [File is in use]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74048 2020-08-04] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U3 al7xo9mw; C:\Windows\System32\Drivers\al7xo9mw.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION [zero byte File/Folder]
U4 npcap_wifi; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-20 13:31 - 2023-10-20 13:32 - 000032316 _____ C:\Users\Azareth\Downloads\FRST.txt
2023-10-17 14:47 - 2023-10-20 13:32 - 000000000 ____D C:\FRST
2023-10-17 14:47 - 2023-10-17 14:47 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64.exe
2023-10-15 20:21 - 2023-10-15 20:30 - 3184589596 _____ C:\Users\Azareth\Downloads\Nepotvrzeno 19152.crdownload
2023-10-14 09:08 - 2023-10-14 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-14 09:05 - 2023-10-14 09:06 - 044112056 _____ (The Git Development Community ) C:\Users\Azareth\Downloads\Git-2.19.2-64-bit.exe
2023-10-12 16:17 - 2023-10-12 16:32 - 012187975 _____ C:\Users\Azareth\Downloads\aircrack-ng-1.7-win.zip
2023-10-12 12:40 - 2023-10-12 12:41 - 001498192 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT (1).pdf
2023-10-10 12:46 - 2023-10-10 12:46 - 000002263 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2023-10-10 12:46 - 2023-10-10 12:46 - 000002255 _____ C:\Users\Azareth\Desktop\Microsoft Teams classic.lnk
2023-10-10 12:36 - 2023-10-10 13:58 - 001497536 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT.pdf
2023-10-10 12:15 - 2023-10-10 12:15 - 009010962 _____ C:\Users\Azareth\Downloads\Predpisy NAKIT.zip
2023-10-06 14:53 - 2023-10-06 14:53 - 009841291 _____ C:\Users\Azareth\Downloads\Smlouva CAIS_A.pdf
2023-10-05 23:08 - 2023-10-05 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Local\WinSparkle
2023-10-05 12:22 - 2023-10-05 12:22 - 000195320 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000014042641903.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000195311 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013719355344.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000194985 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013390863630.pdf
2023-10-05 11:32 - 2023-10-05 11:32 - 000497973 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (2).pdf
2023-10-04 17:44 - 2023-10-04 17:44 - 000522792 _____ C:\Windows\Minidump\100423-12901-01.dmp
2023-10-02 14:14 - 2023-10-02 14:14 - 000211175 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013615339957.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000211022 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013941301191.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000000162 ____H C:\Users\Azareth\Downloads\~$5108000000002188222113_2000013615339957.pdf
2023-10-02 14:13 - 2023-10-02 14:13 - 000210973 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013298338381.pdf
2023-09-29 17:25 - 2023-10-15 21:38 - 000003416 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-10-15 21:38 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-09-29 17:25 - 000000000 ____D C:\Users\Azareth\AppData\Local\OneDrive
2023-09-28 09:32 - 2023-09-28 09:32 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-27 20:19 - 2023-09-27 20:19 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (5).pdf
2023-09-27 15:13 - 2023-09-27 15:13 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (4).pdf
2023-09-26 19:17 - 2023-09-26 19:17 - 036745567 _____ C:\Users\Azareth\Downloads\minikube-installer.exe
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubernetes
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\Program Files\Kubernetes
2023-09-26 14:03 - 2023-09-26 14:03 - 000006260 _____ C:\Users\Azareth\Downloads\BBCPie 23 09 23 Melanie Marie Sauna Temptation XXX 480p MP4-XXX [XC].torrent
2023-09-23 19:53 - 2023-10-02 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Wireshark
2023-09-23 19:52 - 2023-10-15 21:38 - 000003100 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\system32\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Program Files\Npcap
2023-09-23 19:49 - 2023-09-23 19:49 - 000000000 ____D C:\Users\Azareth\Downloads\WiresharkPortable64
2023-09-23 19:47 - 2023-09-23 19:48 - 045811360 _____ (PortableApps.com) C:\Users\Azareth\Downloads\WiresharkPortable64_4.0.8.paf.exe
2023-09-23 19:39 - 2023-09-23 19:39 - 000568128 _____ C:\Windows\Minidump\092323-13384-01.dmp
2023-09-22 14:59 - 2023-09-22 14:59 - 000151405 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202305_8010808982.pdf
2023-09-22 14:59 - 2023-09-22 14:59 - 000151254 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202306_8010808982.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195387 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013081263080.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195327 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012762573297.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000151414 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202304_8010808982.pdf
2023-09-22 14:57 - 2023-09-22 14:57 - 000195178 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012422169327.pdf
2023-09-22 12:27 - 2023-09-22 12:27 - 000211158 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012990785061.pdf
2023-09-22 12:26 - 2023-09-22 12:26 - 000211226 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012636871118.pdf
2023-09-22 12:24 - 2023-09-22 12:25 - 000211262 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012333991923.pdf
2023-09-22 12:18 - 2023-09-22 12:19 - 000155471 _____ C:\Users\Azareth\Downloads\Vypis_z_uctu_0-2188222113_z_20230430.pdf
2023-09-21 13:16 - 2023-09-21 13:16 - 000451142 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (1).pdf
2023-09-20 17:01 - 2023-09-20 17:01 - 000275025 _____ C:\Users\Azareth\Documents\IMG_20230920_0001.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-20 13:05 - 2020-04-27 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-20 12:46 - 2020-09-23 12:22 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Teams
2023-10-20 11:36 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-20 11:36 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-20 11:33 - 2020-04-27 16:09 - 000668850 _____ C:\Windows\system32\perfh005.dat
2023-10-20 11:33 - 2020-04-27 16:09 - 000141464 _____ C:\Windows\system32\perfc005.dat
2023-10-20 11:33 - 2009-07-14 07:13 - 001583374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-20 11:33 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-10-20 11:27 - 2023-09-02 10:45 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\uTorrent Web
2023-10-20 11:27 - 2023-06-30 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-20 11:27 - 2021-08-19 17:11 - 000000000 ____D C:\Users\Azareth\AppData\Local\BitTorrentHelper
2023-10-20 11:27 - 2020-04-28 17:53 - 000000000 ____D C:\Program Files\CCleaner
2023-10-20 11:27 - 2020-04-27 15:26 - 000356217 _____ C:\Windows\system32\fastboot.set
2023-10-20 11:26 - 2020-10-05 20:56 - 000000000 ___HD C:\ProgramData\ActiveSMART
2023-10-20 11:26 - 2020-04-27 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-20 11:26 - 2020-04-27 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-20 11:26 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-20 11:26 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-19 17:59 - 2021-05-23 11:45 - 000000000 ____D C:\Users\Azareth\AppData\Local\Avast Software
2023-10-19 17:40 - 2022-10-20 17:40 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-19 12:17 - 2022-11-02 13:36 - 000003360 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-19 12:17 - 2020-04-28 17:53 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-18 11:30 - 2020-11-14 19:57 - 000000400 __RSH C:\ProgramData\ntuser.pol
2023-10-17 19:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2023-10-17 13:37 - 2020-04-30 17:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:36 - 2022-10-31 14:49 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-10-15 21:38 - 2023-07-01 16:44 - 000003694 _____ C:\Windows\system32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-10-15 21:38 - 2022-07-23 11:04 - 000003856 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-15 21:38 - 2021-08-19 17:06 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Azareth
2023-10-15 21:38 - 2021-06-20 20:41 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-15 21:38 - 2021-06-20 20:41 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-28 17:54 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-10-15 21:38 - 2020-04-28 17:53 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-28 17:53 - 000003310 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 19:28 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-27 19:28 - 000003554 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 16:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-10-14 09:08 - 2020-10-06 21:37 - 000000000 ____D C:\Program Files\Git
2023-10-14 09:08 - 2020-10-06 21:14 - 000000000 ____D C:\ProgramData\Git
2023-10-12 02:57 - 2020-04-30 08:00 - 000000000 ____D C:\Windows\system32\MRT
2023-10-12 02:52 - 2020-04-30 08:00 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 13:53 - 2020-04-28 11:51 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Word
2023-10-09 18:06 - 2020-04-27 19:17 - 000000000 ____D C:\Users\Azareth\AppData\Local\CrashDumps
2023-10-05 22:22 - 2020-10-26 19:34 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Code
2023-10-04 17:44 - 2023-07-07 22:55 - 723126580 _____ C:\Windows\MEMORY.DMP
2023-10-04 17:44 - 2020-07-05 09:28 - 000000000 ____D C:\Windows\Minidump
2023-10-02 14:16 - 2020-05-07 08:28 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-29 17:25 - 2020-04-28 09:45 - 000002126 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2023-09-28 09:32 - 2020-10-15 19:48 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-25 14:29 - 2023-08-03 13:38 - 000000905 _____ C:\Users\Public\Desktop\ChatGPT.lnk
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChatGPT
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\Program Files\ChatGPT
2023-09-22 15:01 - 2020-11-30 18:02 - 000000000 ____D C:\Users\Azareth\Desktop\Atyla

==================== Files in the root of some directories ========

2020-07-26 16:04 - 2020-07-26 18:45 - 000000128 _____ () C:\Users\Azareth\AppData\Roaming\winscp.rnd
2020-04-28 08:07 - 2020-04-28 08:07 - 000001500 _____ () C:\Users\Azareth\AppData\Local\PDLSetup.20200428.080709.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-10-20 00:00
==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:¨

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-20-2023
# Duration: 00:00:04
# OS: Windows 7 Service Pack 1
# Cleaned: 18
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Azareth\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Azareth\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7dbfba5f-07b8-4adf-942a-d8d2deab819a}|UninstallString
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4204 octets] - [20/10/2023 21:00:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Azareth (21-10-2023 18:23:31)
Running from C:\Users\Azareth\Downloads
Microsoft Windows 7 Ultimate Service Pack 1 (X64) (2020-04-27 13:25:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1201691987-3798675826-3542024472-500 - Administrator - Disabled)
Azareth (S-1-5-21-1201691987-3798675826-3542024472-1000 - Administrator - Enabled) => C:\Users\Azareth
Guest (S-1-5-21-1201691987-3798675826-3542024472-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
µTorrent (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\uTorrent) (Version: 3.5.5.45798 - BitTorrent Inc.)
ActiveSMART (HKLM-x32\...\ActiveSMART) (Version: 2.12.0 - Ariolic Software, Ltd.)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 23.006.20360 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601053}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AdoptOpenJDK JDK with Hotspot 15.0.0.36 (x64) (HKLM\...\{6FD8794F-74A7-4D10-95C0-0908CFDD571B}) (Version: 15.0.0.36 - AdoptOpenJDK)
Apache NetBeans IDE 12.1 (HKLM\...\nbi-nb-all-12.1.0.0.200825) (Version: 12.1 - Apache NetBeans)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 23.9.6082 - Avast Software)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\btweb) (Version: 1.3.0 - Rainberry, Inc.)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.9.0.1062 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\BlueStacks X) (Version: 0.17.1.1 - BlueStack Systems, Inc.)
Broadcom Gigabit Integrated Controller (HKLM\...\{F2205345-FA8D-474F-A2D9-FB31DB9663DF}) (Version: 12.32.01 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.03 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 109.0.19987.122 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1583.3 - Piriform Software) Hidden
CPUID CPU-Z 2.05 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.05 - CPUID, Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
DivX Total Pack (HKLM-x32\...\DivX Total Pack) (Version: - )
Docker Toolbox version 19.03.1 (HKLM\...\{FC4417F0-D7F3-48DB-BCE1-F5ED5BAFFD91}_is1) (Version: 19.03.1 - Docker)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
Git version 2.19.2 (HKLM\...\Git_is1) (Version: 2.19.2 - The Git Development Community)
GitHub Desktop (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\GitHubDesktop) (Version: 2.7.1 - GitHub, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 68.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
ChatGPT (HKLM\...\{DB96D069-D23D-4B36-BC7C-949F4D9B06E7}) (Version: 1.1.0 - lencx)
inSSIDer (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\inSSIDer) (Version: 5.5.0 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IntelliJ IDEA Community Edition 2021.2.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2021.2.2) (Version: 212.5284.40 - JetBrains s.r.o.)
Java 8 Update 251 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kubernetes - Minikube - A Local Kubernetes Development Environment (HKLM-x32\...\Kubernetes Minikube) (Version: 1.31.2 - Kubernetes)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.7 - Lenovo)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Office Standard 2016 - cs-cz (HKLM\...\StandardRetail - cs-cz) (Version: 16.0.12527.22286 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Power BI Desktop (x64) (HKLM\...\{c60894d7-4f03-4ab0-9087-8f08eaa7e605}) (Version: 2.86.902.0 - Microsoft Corporation) Hidden
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{faca4f6e-ba68-429d-80e5-6699b9fa8601}) (Version: 2.86.902.0 - Microsoft Corporation)
Microsoft Teams classic (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Teams) (Version: 1.6.00.27573 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.70.3 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.76 - Nmap Project)
NVIDIA 3D Vision Controller Driver (HKLM-x32\...\NVIDIA StereoUSB Driver) (Version: 266.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA GeForce NOW 2.0.53.154 (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeForceNOW) (Version: 2.0.53.154 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
Pilulka (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\7956b9e08e731279722fe8fef4672f96) (Version: 1.0 - Google\Chrome)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.3.377 - Jan Fiala)
Python 3.8.6 (64-bit) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{fef707d7-d438-4dd9-bb0f-5788ee658f4f}) (Version: 3.8.6150.0 - Python Software Foundation)
Python 3.8.6 Add to Path (64-bit) (HKLM\...\{0CD35A78-6567-46C1-BC82-E258D6C3D66C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Core Interpreter (64-bit) (HKLM\...\{DE282FFC-F4AD-416A-8479-F3C72F94C967}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Development Libraries (64-bit) (HKLM\...\{59704C10-77A1-4D72-A97B-8FB2A933985B}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Documentation (64-bit) (HKLM\...\{558E2EFE-87D5-4E3F-B050-D4DEC548EA02}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Executables (64-bit) (HKLM\...\{7F55BD37-4437-47EE-8C82-3103E19DB114}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 pip Bootstrap (64-bit) (HKLM\...\{28B1EC39-1C9F-482C-BFF7-4D347CE5ADED}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Standard Library (64-bit) (HKLM\...\{04BA74DE-13BE-477C-8FE5-19F247C0D555}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Tcl/Tk Support (64-bit) (HKLM\...\{79C40B8F-BC99-4FFF-8E1E-F05D246E772C}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Test Suite (64-bit) (HKLM\...\{3968C4C7-904D-4571-BC22-1CD8B87549D7}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python 3.8.6 Utility Scripts (64-bit) (HKLM\...\{0A041F8F-4124-46CC-B021-AB8E70A873EC}) (Version: 3.8.6150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{3B82A91D-DB48-4160-94D2-0B8C6D2B1710}) (Version: 3.8.7205.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6339 - Realtek Semiconductor Corp.)
REDlauncher (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarLeaf (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\StarLeaf) (Version: - StarLeaf)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.3 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
uTorrent Web (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\utweb) (Version: 1.3.0 - Rainberry, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WinSCP 5.17.7 (HKLM-x32\...\winscp3_is1) (Version: 5.17.7 - Martin Prikryl)
Wondershare Filmora 12(Build 12.3.7.2586) (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Wondershare Filmora 12_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XAMPP (HKLM\...\xampp) (Version: 7.4.11-0 - Bitnami)
Zoom (HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\ZoomUMX) (Version: 5.10.4 (5035) - Zoom Video Communications, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.23241.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\68.0.2.0\drivefsext.dll [2023-01-11] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2023-09-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-03-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1201691987-3798675826-3542024472-1000: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Hacked With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Azareth\Desktop\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\Desktop\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Jitsi Meet.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jlaadppkhiohgnkipndimgjkoeifjhfm
ShortcutWithArgument: C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Pilulka.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpdppkdegfmnmgbgceebhigdehgbingn

==================== Loaded Modules (Whitelisted) =============

2023-08-17 15:17 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2023-08-17 15:17 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000114176 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_ctypes.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000172544 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_elementtree.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 002255872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_hashlib.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000032256 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_multiprocessing.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000046080 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_psutil_windows.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000047616 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_socket.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 002825216 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_ssl.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000026112 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\_yappi.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000080896 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\bz2.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000015872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\common.time34.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000007680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\hashobjs_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000301568 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\PIL._imaging.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000168448 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pyexpat.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001084416 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pysqlite2._sqlite.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000548864 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pythoncom27.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000137728 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\pywintypes27.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000010752 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\select.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000020992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\thumbnails_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000689664 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\unicodedata.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000119808 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\usb_ext.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000128512 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32api.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000438784 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32com.shell.shell.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000011776 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32crypt.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000023040 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32event.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000149504 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32file.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000223232 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32gui.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000048128 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32inet.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000029696 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32pdh.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000027648 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32pipe.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000044032 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32process.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000020480 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32profile.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000136192 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32security.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000026624 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\win32ts.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000034304 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.conditional.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000037888 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.connectivity.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000071680 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.device_monitor.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000103936 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.volumes.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000019968 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\windows.winwrap.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001325056 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._controls_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001489408 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._core_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001007104 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._gdi_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000103424 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._html2.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 000916992 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._misc_.pyd
2023-10-21 16:45 - 2023-10-21 16:45 - 001039872 _____ () [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wx._windows_.pyd
2023-08-06 23:51 - 2023-08-06 23:51 - 001490944 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avcodec-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000949248 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avformat-58.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000635392 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\avutil-56.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000153088 _____ () [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\swresample-3.dll
2020-05-07 08:33 - 2017-07-05 13:49 - 000593920 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2022-01-27 12:15 - 2015-06-17 17:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-01-27 12:15 - 2015-06-17 17:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2020-05-07 08:33 - 2017-07-05 13:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\MSVCP140.dll
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\ucrtbase.DLL
2021-11-07 17:52 - 2021-11-07 17:52 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\VCRUNTIME140.dll
2023-10-19 21:28 - 2023-10-19 21:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\Avast Software\Avast\defs\23101906\avast.local_vc142.crt\VCRUNTIME140_1.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\python27.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 002554880 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libcrypto-1_1.dll
2023-08-06 23:51 - 2023-08-06 23:51 - 000537600 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Users\Azareth\AppData\Roaming\uTorrent Web\libssl-1_1.dll
2023-08-17 15:17 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxbase30u_net_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxbase30u_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_adv_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_core_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_html_vc90_x64.dll
2023-10-21 16:45 - 2023-10-21 16:45 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Azareth\AppData\Local\Temp\_MEI52282\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Azareth\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Azareth\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2021-07-19] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-09-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\AdoptOpenJDK\jdk-15.0.0.36-hotspot\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Git\cmd
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C3D0169D-E423-43B2-A9F1-82D90F808499}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{268EA943-A9F5-4B03-BC00-58EE35917216}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4463F500-2E0E-4F6F-8317-41CF5057EB01}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEB87C4F-A862-4427-BD38-98C097439763}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{40B8E80C-C3FE-43BA-8A78-E56D8390219D}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{64E36E68-B8EE-40AA-9C6C-123EADC1BBC5}C:\users\azareth\desktop\utorrent\utorrent.exe] => (Allow) C:\users\azareth\desktop\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DEA8167A-1DD6-4FC4-B907-31D1B99F3F0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{29FE9DDE-2341-4A34-8D18-1770CD73DC70}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{85B1774B-9F32-445F-B1C3-7C4BFF611B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{457DDB9B-5BCC-4189-A55A-44AF713435BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{E69DB11A-1521-488C-A187-1B3F8E6B3C25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{66EC055D-F17B-4856-8DA8-AD5C3D757A12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BE4A71F-AD12-4F0C-BD72-74758AD786D2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9BF44AF-E01A-42B5-92FA-EFC16537B726}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B069DFCE-538A-4B1E-A017-4A553267608F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5E3F6726-D520-408B-9250-22675EAB349A}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E60BE4A2-1AAE-46FC-81A2-E36E43A8835E}C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\azareth\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F2D8D5DB-01E4-40D3-B147-87AC027934FC}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [UDP Query User{8BCC844E-D4D4-4748-AEE0-7DBFB89AC5F9}C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe] => (Allow) C:\users\azareth\desktop\teamspeak3-server_win64\ts3server.exe (TeamSpeak Systems GmbH -> TeamSpeak Systems GmbH)
FirewallRules: [TCP Query User{E84DCF75-7CEC-455D-88A4-83108691E79F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [UDP Query User{047E92EF-36A3-4441-B0F9-1A06FD0C5A9C}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{06C84385-989D-4978-B3E2-D70937FF0E5D}] => (Allow) LPort=80
FirewallRules: [{7253B2E0-BDED-4CBF-AC8B-26085B50EFC4}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{686E685E-6D13-4B46-A210-CE0F2303876F}] => (Allow) C:\xampp\xampp_start.exe (Apache Friends) [File not signed]
FirewallRules: [{5315001D-1954-4B22-9BA6-285801726CCE}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E323FD69-B750-4D16-BA26-5B79559194C2}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{55B5EFDC-96FC-46E2-B2A0-183A8BA12BFE}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9AB48081-31EB-4932-9AF1-CB654AA10E54}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C2D306FA-F535-49A2-B4FE-01D77D0764CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [{F2F0CAFB-F961-423C-B600-B30790B57C30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe => No File
FirewallRules: [TCP Query User{81E48AEF-C282-450A-9864-449D2F2D78B9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{7724F964-2B78-43A9-8420-BDC72F05B43D}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{8F4A44DA-32E8-4D56-B293-618094546E94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0EFD3AC2-E653-4DD7-A984-97C670C66D98}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7F7706E0-7590-47DC-9E6E-0A825F6EA77E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{12850751-BA5C-42A2-9788-4AAA6ED97C8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0513F4D-4AFA-437E-9637-0559A706D8C9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{8CD2F793-F1DA-4C7C-8FB9-C707F2DD68A5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A504E568-F569-40C2-B523-9E1C09520060}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\1\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{77C1F7EF-8F66-4AA3-8DD9-CE80E5649313}] => (Allow) C:\Users\Azareth\AppData\Local\StarLeaf\StarLeaf\2\StarLeafc.exe (StarLeaf Ltd -> StarLeaf Ltd.)
FirewallRules: [{3CFF67EF-872A-46BB-9F6C-B26C03760541}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{068762B1-7D91-4A67-BBC7-2A1668DB12E8}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{5DEC74BC-F458-4274-91DB-D7CA5F479AEA}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{31036023-DD38-41B3-96E9-B8904E31A245}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{233F3575-972F-4593-95FC-1E8D110CA082}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F7F01701-40F2-44E4-91FF-77F2E2B82866}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{A4214290-C2BE-4605-84F6-1F0E7C06FC14}] => (Allow) C:\Users\Azareth\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C573431D-6297-4F10-B463-D4F0B5C2DE2C}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7FF8DEC8-397B-43C5-8DD7-63C5D0E7EFC6}C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe] => (Allow) C:\users\azareth\appdata\local\programs\microsoft vs code\code.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07EAE3FA-5D2B-4831-B0F1-5C5B9F8D240E}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{1BC5E4DC-689F-40EC-9C25-A32A7689C132}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{489A8295-0D52-4BF4-A054-A50E523A7C48}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{3355ECED-70C8-42EE-8215-BF7719056904}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{687AE984-3D1B-4D23-BE0D-344FD74BF811}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FirewallRules: [{FE68F7C5-FE57-4FFE-834F-EF01D6571919}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{75B11104-2A44-48ED-BA37-ED62A780A296}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [TCP Query User{0D1B9709-71ED-4A82-AFF0-EBC6AF4D8B1A}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{B8821249-2A57-4F8B-8881-0CF245F0AE01}C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\azareth\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF5D316F-A085-4A2B-AAAA-0A9E42486166}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [{FBE1976B-05A5-4F39-95EE-D6F99F386EE1}] => (Allow) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe (Rainberry Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{9456E5CE-8F7F-42B8-8A26-6793EB108529}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [UDP Query User{28270238-FA7E-484E-9110-3083CC87C683}C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe] => (Allow) C:\program files\jetbrains\intellij idea community edition 2021.2.2\jbr\bin\java.exe
FirewallRules: [{A7723DCC-7340-40D3-BA86-A2CB3710DD42}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-10-2023 16:12:33 Scheduled Checkpoint
12-10-2023 02:52:21 Windows Update
20-10-2023 00:07:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

Name: VirtualBox Bridged Networking Driver Miniport #7
Description: VirtualBox Bridged Networking Driver Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetFlt
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/21/2023 04:45:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/21/2023 09:11:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/20/2023 11:26:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:18 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:13 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:12 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 11:26:12 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: Spuštění služby Ochrana softwaru se nezdařilo. 0xD000010A
6.1.7601.17514

Error: (10/20/2023 06:01:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Lenovo\Boot Optimizer\MFC80UD.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (10/21/2023 06:26:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.

Error: (10/21/2023 04:46:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/21/2023 04:45:48 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (10/21/2023 04:45:46 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/21/2023 09:12:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Launch pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (Using LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/21/2023 09:11:44 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 80.

Error: (10/21/2023 09:11:41 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (10/21/2023 09:11:41 AM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .


==================== Memory info ===========================

BIOS: LENOVO 47CN30WW(V2.08) 08/01/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 88%
Total physical RAM: 8135.86 MB
Available physical RAM: 974.77 MB
Total Virtual: 16269.86 MB
Available Virtual: 4589.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.47 GB) (Free:9.83 GB) (Model: KINGSTON SA400S37240G ATA Device) NTFS
Drive d: () (Fixed) (Total:29.82 GB) (Free:3.02 GB) (Model: SAMSUNG MMCRE32GEDXP-MVBL1 ATA Device) NTFS

\\?\Volume{0c0fbdce-888a-11ea-afec-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: E1E2FABC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 29.8 GB) (Disk ID: 6A205247)
No partition Table on disk 1.

==================== End of Addition.txt =======================

Kde je log FRST? Tohle je pouze Addáition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Azareth (administrator) on AZARETH-PC (LENOVO 20091) (21-10-2023 18:22:16)
Running from C:\Users\Azareth\Downloads\FRST64 (1).exe
Loaded Profiles: Azareth
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česká republika)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\helper\helper.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (DT Soft Ltd -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\68.0.2.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <37>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Azareth\AppData\Local\Microsoft\Teams\current\Teams.exe <6>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2020-04-27] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [255896 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016568 2020-12-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Azareth\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-10-10] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\Run: [utweb] => C:\Users\Azareth\AppData\Roaming\uTorrent Web\utweb.exe [6418944 2023-08-06] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\68.0.2.0\GoogleDriveFS.exe [50728728 2023-01-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2020-04-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2016-06-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-01-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-28] (Google LLC -> Google LLC)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [182784 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [159704 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {923317A8-2671-4B9A-8081-65CBC53C8EB4} - System32\Tasks\{53B35AF0-6B3A-4A0A-BBB3-97A8DE7CFD65} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {3F64947B-0BFC-4249-8F30-4A4D2AE60BEF} - System32\Tasks\{90CD3027-AF77-49E0-9F3A-AD9891C3106C} => C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe [33136 2010-09-02] (Compal Electronics, Inc. -> COMPAL)
Task: {18987115-B4F6-4055-80CE-47DBFF185A32} - System32\Tasks\{C966908C-75CA-4106-92A2-F79AA11CA6A1} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)\Setup.exe" -d "C:\Drivers\Camera driver(Bison,Chicony,Suyin,Liteon)"
Task: {42CCA8EE-2276-4ADC-8291-ADCD1FD8A02B} - System32\Tasks\{DA1F993B-7319-461F-9278-B9D8AB7812A7} => C:\Windows\system32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe" -d F:\Office -c C:\Program Files\Microsoft Office\root\integration\OneDriveSetup.exe /silent /permachine /silent /childprocess /cusid:S-1-5-21-1201691987-3798675826-3542024472-1000
Task: {27E9919E-F8BB-41C1-9135-683FAE6AF2B0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {6649E94D-1A19-4322-9EAF-C72C6E83F7D9} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C4A2D2B9-1433-4075-A2A6-3A768876FD06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C91BEE1E-BC16-45F7-AC90-22A9E538785E} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5135256 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
Task: {5162A659-4F69-4AA1-8CAE-6BAD8CF61603} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {BEDFC920-770E-437F-8F70-86088733828F} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-07-18] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {687E0CF6-F8FC-4078-A71F-F1C2F9569251} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {2FDAEBD1-A20F-4E82-8071-6B36A9FBFAEB} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {AE0EEFD8-37C2-4324-A5D1-6B69707EBDC4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E0947491-92A9-43AD-A3D0-647EE26906B9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "e12937ae-5955-4604-a50e-a3518a5b1f27" --version "6.17.10746" --silent
Task: {6A4A364E-2141-4984-9051-CD3DB89974B7} - System32\Tasks\CCleanerSkipUAC - Azareth => C:\Program Files\CCleaner\CCleaner.exe [35664800 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5527D957-AE4A-43E8-A770-2CA166124586} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {B0D29E00-7FE3-45C3-A026-DC0DB6C9D3F1} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F0909D45-F39D-4EC9-8184-C4EF1B137CE3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC5E0655-A474-4152-8FB8-C6C1BF377C68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24614400 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {949170DE-A988-4FA5-8517-D093D1D4E715} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4AB78676-5E61-45FE-8D86-A668242536B0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [160728 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F9C67D-BA7B-4137-AB30-AFA0F1A6B70B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {6243AE14-B145-4E7A-96AA-B78E5E77D444} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6160864 2023-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
Task: {93548985-FF8C-4C36-A395-088E1B30D8BC} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [815 2022-11-22] () [File not signed]
Task: {5D5501B6-99BD-46B6-9E9D-C9733642A16F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E496C2CC-8100-438D-9FF4-305B94A79E58} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1542080 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6570DB5-E2BE-4C5E-AA47-A2FD4CF1F8B0} - System32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Users\Azareth\AppData\Local\NVIDIA Corporation\GeForceNOW\CEF\GeForceNOW.exe [3848744 2023-06-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {34366116-F5B1-4C10-BD07-58ADB2E7ADEF} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [960448 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2A174470-37C1-4EC3-915D-8E49BB9E88E8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {808F8A44-EC3C-4BD3-BC62-7546DC571CFF} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [655296 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5CDE6BFF-F762-4AEE-B3A3-1925C8751B5A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {041946D5-DA89-49A5-AD2F-EEF631429721} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84A1BD23-864B-44DE-9E12-5D4DBEEA299A} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [728000 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {80B9B50A-1D2B-44F2-9D05-C91080F59169} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [1174016 2010-11-20] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{7AC04196-1B18-439A-9168-5D688B3C4E15}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\Azareth\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-07]

FireFox:
========
FF DefaultProfile: 9ckfsfhp.default
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\9ckfsfhp.default [2020-04-27]
FF ProfilePath: C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release [2023-10-21]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Azareth\AppData\Roaming\Mozilla\Firefox\Profiles\gz5r0ri9.default-release\Extensions\sp@avast.com.xpi [2020-04-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-07-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-10-09] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default [2023-10-21]
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-30]
CHR Extension: (FormApps Extension) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-20]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Azareth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-03]
CHR HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\Azareth\AppData\Roaming\Opera Software\Opera Stable [2023-07-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ActiveSMART Service; C:\Program Files (x86)\ActiveSMART 2.12.0\ASmartService.exe [2551544 2020-08-02] (Ariolic Software Ltd -> Ariolic Software, Ltd. (hxxp://www.ariolic.com))
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9090968 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776088 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [796568 2023-09-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11139576 2023-01-02] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [802432 2020-08-10] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-11] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-07-18] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43016 2023-09-23] (Microsoft Windows Hardware Compatibility Publisher -> CPUID)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2020-04-28] (DT Soft Ltd -> DT Soft Ltd)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [386632 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 npcap; C:\Windows\System32\DRIVERS\npcap.sys [67536 2023-07-19] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2020-04-28] () [File not signed] [File is in use]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [74048 2020-08-04] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
U3 ahoikiaj; C:\Windows\System32\Drivers\ahoikiaj.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION [zero byte File/Folder]
U4 npcap_wifi; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-21 18:20 - 2023-10-21 18:21 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64 (1).exe
2023-10-20 20:58 - 2023-10-20 21:02 - 000000000 ____D C:\AdwCleaner
2023-10-20 20:58 - 2023-10-20 20:58 - 008791352 _____ (Malwarebytes) C:\Users\Azareth\Downloads\adwcleaner.exe
2023-10-20 13:32 - 2023-10-20 13:37 - 000070080 _____ C:\Users\Azareth\Downloads\Addition.txt
2023-10-20 13:31 - 2023-10-21 18:23 - 000031532 _____ C:\Users\Azareth\Downloads\FRST.txt
2023-10-17 14:47 - 2023-10-21 18:22 - 000000000 ____D C:\FRST
2023-10-17 14:47 - 2023-10-17 14:47 - 002383360 _____ (Farbar) C:\Users\Azareth\Downloads\FRST64.exe
2023-10-15 20:21 - 2023-10-15 20:30 - 3184589596 _____ C:\Users\Azareth\Downloads\Nepotvrzeno 19152.crdownload
2023-10-14 09:08 - 2023-10-14 09:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-10-14 09:05 - 2023-10-14 09:06 - 044112056 _____ (The Git Development Community ) C:\Users\Azareth\Downloads\Git-2.19.2-64-bit.exe
2023-10-12 16:17 - 2023-10-12 16:32 - 012187975 _____ C:\Users\Azareth\Downloads\aircrack-ng-1.7-win.zip
2023-10-12 12:40 - 2023-10-12 12:41 - 001498192 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT (1).pdf
2023-10-10 12:46 - 2023-10-10 12:46 - 000002263 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2023-10-10 12:46 - 2023-10-10 12:46 - 000002255 _____ C:\Users\Azareth\Desktop\Microsoft Teams classic.lnk
2023-10-10 12:36 - 2023-10-10 13:58 - 001497536 _____ C:\Users\Azareth\Downloads\Osobni dotaznik NAKIT.pdf
2023-10-10 12:15 - 2023-10-10 12:15 - 009010962 _____ C:\Users\Azareth\Downloads\Predpisy NAKIT.zip
2023-10-06 14:53 - 2023-10-06 14:53 - 009841291 _____ C:\Users\Azareth\Downloads\Smlouva CAIS_A.pdf
2023-10-05 23:08 - 2023-10-05 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Local\WinSparkle
2023-10-05 12:22 - 2023-10-05 12:22 - 000195320 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000014042641903.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000195311 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013719355344.pdf
2023-10-05 12:22 - 2023-10-05 12:22 - 000194985 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013390863630.pdf
2023-10-05 11:32 - 2023-10-05 11:32 - 000497973 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (2).pdf
2023-10-04 17:44 - 2023-10-04 17:44 - 000522792 _____ C:\Windows\Minidump\100423-12901-01.dmp
2023-10-02 14:14 - 2023-10-02 14:14 - 000211175 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013615339957.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000211022 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013941301191.pdf
2023-10-02 14:14 - 2023-10-02 14:14 - 000000162 ____H C:\Users\Azareth\Downloads\~$5108000000002188222113_2000013615339957.pdf
2023-10-02 14:13 - 2023-10-02 14:13 - 000210973 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013298338381.pdf
2023-09-29 17:25 - 2023-10-15 21:38 - 000003416 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-10-15 21:38 - 000003182 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1201691987-3798675826-3542024472-1000
2023-09-29 17:25 - 2023-09-29 17:25 - 000000000 ____D C:\Users\Azareth\AppData\Local\OneDrive
2023-09-28 09:32 - 2023-09-28 09:32 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-27 20:19 - 2023-09-27 20:19 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (5).pdf
2023-09-27 15:13 - 2023-09-27 15:13 - 000107770 _____ C:\Users\Azareth\Downloads\DevOps Engineer (4).pdf
2023-09-26 19:17 - 2023-09-26 19:17 - 036745567 _____ C:\Users\Azareth\Downloads\minikube-installer.exe
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kubernetes
2023-09-26 19:17 - 2023-09-26 19:17 - 000000000 ____D C:\Program Files\Kubernetes
2023-09-26 14:03 - 2023-09-26 14:03 - 000006260 _____ C:\Users\Azareth\Downloads\BBCPie 23 09 23 Melanie Marie Sauna Temptation XXX 480p MP4-XXX [XC].torrent
2023-09-23 19:53 - 2023-10-02 23:08 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Wireshark
2023-09-23 19:52 - 2023-10-15 21:38 - 000003100 _____ C:\Windows\system32\Tasks\npcapwatchdog
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\SysWOW64\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Windows\system32\Npcap
2023-09-23 19:52 - 2023-09-23 19:52 - 000000000 ____D C:\Program Files\Npcap
2023-09-23 19:49 - 2023-09-23 19:49 - 000000000 ____D C:\Users\Azareth\Downloads\WiresharkPortable64
2023-09-23 19:47 - 2023-09-23 19:48 - 045811360 _____ (PortableApps.com) C:\Users\Azareth\Downloads\WiresharkPortable64_4.0.8.paf.exe
2023-09-23 19:39 - 2023-09-23 19:39 - 000568128 _____ C:\Windows\Minidump\092323-13384-01.dmp
2023-09-22 14:59 - 2023-09-22 14:59 - 000151405 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202305_8010808982.pdf
2023-09-22 14:59 - 2023-09-22 14:59 - 000151254 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202306_8010808982.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195387 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000013081263080.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000195327 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012762573297.pdf
2023-09-22 14:58 - 2023-09-22 14:58 - 000151414 _____ C:\Users\Azareth\Downloads\Doklad SIPO_202304_8010808982.pdf
2023-09-22 14:57 - 2023-09-22 14:57 - 000195178 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012422169327.pdf
2023-09-22 12:27 - 2023-09-22 12:27 - 000211158 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012990785061.pdf
2023-09-22 12:26 - 2023-09-22 12:26 - 000211226 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012636871118.pdf
2023-09-22 12:24 - 2023-09-22 12:25 - 000211262 _____ C:\Users\Azareth\Downloads\CZ5108000000002188222113_2000012333991923.pdf
2023-09-22 12:18 - 2023-09-22 12:19 - 000155471 _____ C:\Users\Azareth\Downloads\Vypis_z_uctu_0-2188222113_z_20230430.pdf
2023-09-21 13:16 - 2023-09-21 13:16 - 000451142 _____ C:\Users\Azareth\Downloads\Predpis_zaloh_1_1_2023 (1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-21 18:22 - 2023-09-02 10:45 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\uTorrent Web
2023-10-21 18:14 - 2023-06-30 13:11 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-21 18:05 - 2020-04-27 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-21 17:40 - 2022-10-20 17:40 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-10-21 17:26 - 2020-09-23 12:22 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Teams
2023-10-21 16:53 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-21 16:53 - 2009-07-14 06:45 - 000024416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-21 16:51 - 2020-04-27 16:09 - 000668850 _____ C:\Windows\system32\perfh005.dat
2023-10-21 16:51 - 2020-04-27 16:09 - 000141464 _____ C:\Windows\system32\perfc005.dat
2023-10-21 16:51 - 2009-07-14 07:13 - 001583374 _____ C:\Windows\system32\PerfStringBackup.INI
2023-10-21 16:51 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2023-10-21 16:46 - 2021-08-19 17:11 - 000000000 ____D C:\Users\Azareth\AppData\Local\BitTorrentHelper
2023-10-21 16:46 - 2020-04-27 15:26 - 000387207 _____ C:\Windows\system32\fastboot.set
2023-10-21 16:45 - 2020-11-14 19:57 - 000000400 __RSH C:\ProgramData\ntuser.pol
2023-10-21 16:45 - 2020-10-05 20:56 - 000000000 ___HD C:\ProgramData\ActiveSMART
2023-10-21 16:45 - 2020-04-28 17:53 - 000000000 ____D C:\Program Files\CCleaner
2023-10-21 16:45 - 2020-04-27 21:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-10-21 16:45 - 2020-04-27 16:21 - 000000000 ____D C:\ProgramData\Avast Software
2023-10-21 16:45 - 2020-04-27 15:34 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-21 16:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-20 21:03 - 2020-10-26 19:34 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Code
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Users\Azareth\AppData\Local\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\ProgramData\Lavasoft
2023-10-20 21:02 - 2020-10-28 15:09 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-10-20 20:30 - 2020-08-14 16:46 - 000000000 ____D C:\Users\Public\BBCPie - Chloe Temple - Creamed Skater Girl
2023-10-19 17:59 - 2021-05-23 11:45 - 000000000 ____D C:\Users\Azareth\AppData\Local\Avast Software
2023-10-19 12:17 - 2022-11-02 13:36 - 000003360 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-10-19 12:17 - 2020-04-28 17:53 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-10-17 19:59 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2023-10-17 13:37 - 2020-04-30 17:09 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-10-17 13:36 - 2022-10-31 14:49 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-10-15 21:38 - 2023-07-01 16:44 - 000003694 _____ C:\Windows\system32\Tasks\NVIDIA GeForceNow_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2023-10-15 21:38 - 2022-07-23 11:04 - 000003856 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2023-10-15 21:38 - 2021-08-19 17:06 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Azareth
2023-10-15 21:38 - 2021-06-20 20:41 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-15 21:38 - 2021-06-20 20:41 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-28 17:54 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2023-10-15 21:38 - 2020-04-28 17:53 - 000003438 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-28 17:53 - 000003310 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 19:28 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-15 21:38 - 2020-04-27 19:28 - 000003554 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-15 21:38 - 2020-04-27 16:21 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2023-10-14 09:08 - 2020-10-06 21:37 - 000000000 ____D C:\Program Files\Git
2023-10-14 09:08 - 2020-10-06 21:14 - 000000000 ____D C:\ProgramData\Git
2023-10-12 02:57 - 2020-04-30 08:00 - 000000000 ____D C:\Windows\system32\MRT
2023-10-12 02:52 - 2020-04-30 08:00 - 181553176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-10-10 13:53 - 2020-04-28 11:51 - 000000000 ____D C:\Users\Azareth\AppData\Roaming\Microsoft\Word
2023-10-09 18:06 - 2020-04-27 19:17 - 000000000 ____D C:\Users\Azareth\AppData\Local\CrashDumps
2023-10-04 17:44 - 2023-07-07 22:55 - 723126580 _____ C:\Windows\MEMORY.DMP
2023-10-04 17:44 - 2020-07-05 09:28 - 000000000 ____D C:\Windows\Minidump
2023-10-02 14:16 - 2020-05-07 08:28 - 000000000 ____D C:\ProgramData\CanonIJPLM
2023-09-29 17:25 - 2020-04-28 09:45 - 000002126 _____ C:\Users\Azareth\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2023-09-28 09:32 - 2020-10-15 19:48 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-09-28 09:32 - 2020-04-27 16:21 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-09-25 14:29 - 2023-08-03 13:38 - 000000905 _____ C:\Users\Public\Desktop\ChatGPT.lnk
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChatGPT
2023-09-25 14:29 - 2023-08-03 13:38 - 000000000 ____D C:\Program Files\ChatGPT
2023-09-22 15:01 - 2020-11-30 18:02 - 000000000 ____D C:\Users\Azareth\Desktop\Atyla

==================== Files in the root of some directories ========

2020-07-26 16:04 - 2020-07-26 18:45 - 000000128 _____ () C:\Users\Azareth\AppData\Roaming\winscp.rnd
2020-04-28 08:07 - 2020-04-28 08:07 - 000001500 _____ () C:\Users\Azareth\AppData\Local\PDLSetup.20200428.080709.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-10-20 00:00
==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-1201691987-3798675826-3542024472-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Azareth\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll => No File
C:\Users\Azareth\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [134]
AlternateDataStreams: C:\Users\Azareth\Application Data:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Azareth\AppData\Roaming:6699d3ee8dd9cf775caae782c8f44f03 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [490]
FirewallRules: [{85B1774B-9F32-445F-B1C3-7C4BFF611B67}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{457DDB9B-5BCC-4189-A55A-44AF713435BA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{81E48AEF-C282-450A-9864-449D2F2D78B9}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [UDP Query User{7724F964-2B78-43A9-8420-BDC72F05B43D}C:\program files\ascension launcher\ascension launcher.exe] => (Allow) C:\program files\ascension launcher\ascension launcher.exe => No File
FirewallRules: [{5DEC74BC-F458-4274-91DB-D7CA5F479AEA}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{31036023-DD38-41B3-96E9-B8904E31A245}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{FE68F7C5-FE57-4FFE-834F-EF01D6571919}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
FirewallRules: [{75B11104-2A44-48ED-BA37-ED62A780A296}] => (Allow) C:\Users\Azareth\AppData\Roaming\BitTorrent Web\btweb.exe => No File
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1201691987-3798675826-3542024472-1000\...\MountPoints2: {1b68cac0-8921-11ea-98fb-806e6f6e6963} - F:\setupx64.bat
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {14C505B1-1E44-44B6-8909-D19467D02217} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {9E69560B-BA5E-4D82-B658-B0B8E8297143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-27] (Google LLC -> Google LLC)
Task: {F03088C5-701F-4D4E-97B1-48A1FCC8F00D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
F Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
U4 npcap_wifi; no ImagePath

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.