Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kotrolu nebo skála
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kotrolu nebo skála
Prosím o kontrolu vím že je to starý krám. Pustím ráno a v poledne se mi načte vtip ale trvá to asi 20-30 minut. Jinak žádný velký problém. Použítí velmi nenáročné hry. Nevím zda tomu dát ještě šanci nebo skála. Děkuji za případnou odpověd.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2022 (ATTENTION: ====> FRSTversion is 31 days old and could be outdated)
Ran by LuciFafa (administrator) on LUCIFAFA-PC (13-06-2022 16:25:18)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Platform: Microsoft Windows 10 Home Version 21H1 19043.1706 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [10091088 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [188240 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glarysoft\Quick Startup\StartupManager.exe [46568 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D4B58F6-225A-414C-86C6-6142517E44AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1947984 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-11-10] (Adobe Inc. -> Adobe)
Task: {55047966-87F9-49AC-B67C-C3F06FC3632A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6160C767-EFC6-4EC0-91D7-FD8DCC2F0DC0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5498912 2022-06-07] (VALOFE Co.,Ltd. -> Valofe)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9855590B-F0DB-4E47-ADB7-C33603C35716} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin\Setup.exe [701832 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {B8E7B8B6-4F15-42CA-8BCD-DD35DDC7B7C9} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [68096 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
Task: {BD80CDBE-1726-4F32-B132-CBB2A1225B06} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C5F8BF48-D9C0-49AB-8288-9578F7F23A8A} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C91D36A5-9DCF-46B3-90AC-177377049E24} - System32\Tasks\CCleanerSkipUAC - LuciFafa => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DAED5BBC-2604-4BA3-A0C6-E292004A5685} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E0136285-6E77-4294-AA4C-D156F26CC8DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {E76E1E7A-4B39-4EB2-81FF-287934DD7238} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {F3B0CFB8-19B3-47EC-A984-B9DEFC7B4FE8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4361040 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 %SystemRoot%\system32\napinsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 %SystemRoot%\system32\wshbth.dll => No File
Winsock: Catalog5 05 %SystemRoot%\system32\NLAapi.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 %SystemRoot%\System32\winrnr.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5 07 %SystemRoot%\System32\mswsock.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{651cc846-fdac-48b2-a304-e0ae3437fe4a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e55cae65-50a3-4f82-bac5-aa71c74b0ab9}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\LuciFafa\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> about:start
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF DefaultProfile: vdbq5k47.default-1616568206022
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 [2022-06-13]
FF Homepage: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> www.google.com
FF NetworkProxy: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2022-05-03]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-16]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe [408552 2018-10-05] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7627912 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-11] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [6283712 2022-04-28] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [623344 2022-04-07] (Piriform Software Ltd -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GUBootService; C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [880616 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
S3 npggsvc; C:\Windows\system32\GameMon.des [9369560 2020-10-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [1900632 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [89704 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmdag.sys [42515432 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmpag.sys [457192 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36832 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [193224 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [325296 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [210600 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [94376 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [19400 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [229520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [401904 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [75136 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [694952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [561000 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [164584 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [269888 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [90600 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2020-09-26] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [27632 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 k750bus; C:\WINDOWS\System32\drivers\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [994136 2022-02-21] (Realtek Semiconductor Corp. -> Realtek)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [39320 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343272 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63736 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-13 16:25 - 2022-06-13 16:26 - 000028623 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2022-06-13 16:24 - 2022-06-13 16:24 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2022-06-13 16:22 - 2022-06-13 16:22 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 007904376 _____ (Glarysoft Ltd) C:\Users\LuciFafa\Downloads\qssetup.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 000027632 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2022-06-13 15:55 - 2022-06-13 15:55 - 000001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000001221 _____ C:\Users\Public\Desktop\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\GlarySoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Common Files\Glarysoft
2022-06-13 15:52 - 2022-06-13 15:52 - 003862520 _____ C:\Users\LuciFafa\Downloads\Autoruns.zip
2022-06-13 11:28 - 2022-06-13 11:28 - 069658934 _____ C:\Users\LuciFafa\Downloads\VID_20220613_112043.mp4
2022-06-12 13:49 - 2022-06-12 13:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 00:36 - 2022-06-13 15:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-07 12:19 - 2022-06-07 12:19 - 000236880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-07 12:19 - 2022-06-07 12:19 - 000164584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-07 10:32 - 2022-06-07 10:32 - 000877152 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\perfmonitor-2_2.04.exe
2022-06-07 10:32 - 2022-06-07 10:32 - 000001156 _____ C:\Users\Public\Desktop\CPUID PerfMonitor2.lnk
2022-06-07 10:30 - 2022-06-07 10:30 - 000001091 _____ C:\Users\Public\Desktop\CPUID ROG CPU-Z.lnk
2022-06-07 10:26 - 2022-06-07 10:26 - 001832088 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-rog-en.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 001443872 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\hwmonitor_1.46.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 000001120 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2022-06-07 10:21 - 2022-06-07 10:21 - 000021431 _____ C:\Users\LuciFafa\Downloads\latency.zip
2022-06-07 10:18 - 2022-06-07 10:18 - 002117608 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-en.exe
2022-06-01 20:59 - 2022-06-01 21:00 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210(1).mp4
2022-06-01 20:59 - 2022-06-01 20:59 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210.mp4
2022-05-25 10:33 - 2022-05-25 10:34 - 868392912 _____ C:\Users\LuciFafa\Downloads\Coco - CZ Dabing - Full HD.avi
2022-05-21 07:43 - 2022-05-21 07:43 - 000000000 ____D C:\ProgramData\Piriform
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-13 16:26 - 2020-05-19 12:22 - 000000000 ____D C:\FRST
2022-06-13 16:25 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2022-06-13 16:13 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-13 16:08 - 2020-09-26 19:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-06-13 16:04 - 2020-09-26 19:55 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-06-13 16:03 - 2020-09-26 19:55 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2022-06-13 15:56 - 2021-10-04 10:56 - 000002320 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - LuciFafa
2022-06-13 15:56 - 2020-09-26 19:55 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-13 15:50 - 2022-02-11 10:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-13 15:50 - 2015-09-25 12:34 - 000000000 ____D C:\Program Files\Google
2022-06-13 15:46 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2022-06-13 15:42 - 2020-09-26 18:58 - 000000000 ____D C:\Users\LuciFafa
2022-06-13 15:41 - 2020-09-26 19:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-13 15:41 - 2020-09-26 19:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-13 15:41 - 2020-09-26 19:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-13 15:41 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-06-13 14:18 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2022-06-12 19:51 - 2021-06-30 20:52 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2022-06-12 18:57 - 2022-02-11 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-06-12 18:57 - 2021-01-25 13:35 - 000002632 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2022-06-12 18:57 - 2021-01-25 13:34 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-06-12 18:57 - 2021-01-25 13:34 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-06-12 18:57 - 2020-09-26 19:55 - 000003390 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-12 18:57 - 2020-09-26 19:55 - 000003166 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-12 13:49 - 2015-09-26 08:21 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-12 01:47 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2022-06-12 01:35 - 2021-07-09 14:09 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2022-06-11 23:26 - 2022-02-11 11:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-10 12:59 - 2020-11-11 17:58 - 000001469 _____ C:\Users\LuciFafa\Desktop\Roblox Player.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000001292 _____ C:\Users\LuciFafa\Desktop\Roblox Studio.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-08 14:18 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-08 14:18 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-07 12:20 - 2022-02-11 11:15 - 000325296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-07 12:20 - 2022-02-11 11:15 - 000269888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000694952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000561000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000401904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000229520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000210600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000193224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000095952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000094376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000075136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000042520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000036832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-07 12:19 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-07 11:24 - 2019-01-15 12:21 - 000000998 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-06-07 11:08 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2022-06-07 10:32 - 2020-02-24 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-06-07 10:32 - 2020-02-24 17:14 - 000000000 ____D C:\Program Files\CPUID
2022-06-07 10:19 - 2020-02-24 17:14 - 000001059 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2022-06-07 10:15 - 2018-05-16 14:57 - 000001904 _____ C:\Users\LuciFafa\Desktop\CrystalDiskInfo.lnk
2022-06-07 10:09 - 2019-12-07 08:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-07 10:09 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-05 21:13 - 2022-02-04 17:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\rap
2022-06-05 20:15 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2022-06-03 16:52 - 2019-09-06 21:07 - 000000000 ____D C:\ProgramData\Packages
2022-06-03 13:03 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-02 14:51 - 2019-11-02 19:19 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-02 14:51 - 2019-11-02 19:19 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-01 12:24 - 2015-10-23 11:14 - 000001827 _____ C:\Users\Public\Desktop\Defraggler.lnk
2022-06-01 11:31 - 2020-01-26 13:40 - 000000000 ____D C:\Program Files\Recuva
2022-05-31 14:34 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-31 14:22 - 2018-10-14 16:53 - 000000000 ____D C:\Users\LuciFafa\Downloads\Cz&Sk
2022-05-31 14:17 - 2020-11-20 12:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-05-31 13:59 - 2019-09-06 21:11 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\D3DSCache
2022-05-14 19:29 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2022-05-14 12:53 - 2015-10-22 07:41 - 000000000 ____D C:\ProgramData\AVAST Software
==================== Files in the root of some directories ========
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2020-01-26 15:15 - 2014-05-24 21:09 - 000603763 ___SH () C:\Users\LuciFafa\AppData\Roaming\libcurl-4.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, hxxp://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2020-01-26 15:15 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2020-01-26 15:15 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2020-01-26 15:15 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2020-01-26 15:15 - 2014-05-24 21:09 - 000042496 ___SH (Open Source Software community project) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2-w64.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2020-01-26 15:15 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2020-01-26 15:15 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 18:41 - 2019-11-02 18:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 10:38 - 2021-01-09 17:20 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
2020-11-03 12:00 - 2020-11-03 12:02 - 000000072 _____ () C:\Users\LuciFafa\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2022
Ran by LuciFafa (13-06-2022 16:27:27)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1706 (X86) (2020-09-26 17:56:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
AMD Problem Report Wizard (HKLM\...\{F2A66AD9-EF75-DE88-2D00-D43DB619A2BC}) (Version: 3.1.722.0 - ##COMPANY_NAME##) Hidden
AMD Settings - Branding (HKLM\...\{C186470C-6BAA-4AFA-AB1A-5AF50B8921C0}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
AMD USB 3.0 Device Detector (HKLM\...\{1D4675D5-0583-44CF-9DDD-3D9BDD4926A8}) (Version: 2.1.30.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{047532BE-2566-17C9-3C42-FED9CCB077D3}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{38230BC0-C1CE-E828-0E65-9439E5EC7FCA}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{5164089A-CA62-D4FE-2AC6-C8334F50AD28}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{61C56115-F7E2-EC86-24BA-BC2395BF5BB9}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{64B16C8D-1877-0D81-9151-225B2340723D}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{81052D74-E26D-FCBD-03B2-5E0D74848A39}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{D07C0DAB-27DE-3917-60C9-AF2A3C45199E}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{F85CEE70-1F81-B9B3-B57F-1F9CDE0F49F7}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.5.6015 - Avast Software)
Avast Update Helper (HKLM\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Combat Arms Reloaded (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Combat Arms Reloaded) (Version: VALOFE - VALOFE Global Ltd.)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
CPUID PerfMonitor 2.04 (HKLM\...\CPUID PerfMonitor2_is1) (Version: 2.04 - CPUID, Inc.)
CPUID ROG CPU-Z 2.01 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HP Customer Experience Enhancements (HKLM\...\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}) (Version: 6.0.5.1 - Hewlett-Packard) Hidden
HP Unified IO (HKLM\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 - )
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (CSY) (HKLM\...\{6308154B-B596-3E24-AB86-71986CCD9905}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27033 (HKLM\...\{88D1025F-45D0-45C6-9EDB-379C2EE07AD7}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27033 (HKLM\...\{D5AEE36E-4771-4F65-BDB6-8C59077BFBE4}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 101.0.1 (x86 cs)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MP3 Normalizer version 2.1 (HKLM\...\{BE50A213-FB63-4E7B-89F1-D339D8FFDAAD}_is1) (Version: 2.1 - Code-it Software Solutions)
MP3 Volume Normalizer verze 1.5 (HKLM\...\MP3 Volume Normalizer_is1) (Version: 1.5 - )
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MY.GAMES GameCenter (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1542 - MY.COM B.V.)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Prohlížeč Seznam.cz (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quick Startup 5.20.1.174 (HKLM\...\Quick Startup) (Version: 5.20.1.174 - Glarysoft Ltd)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Roblox Player for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-studio) (Version: - Roblox Corporation)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (32-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Youtube Downloader HD v. 4.0 (HKLM\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x86__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10427.388.0_x86__8wekyb3d8bbwe [2022-05-14] (Microsoft Corporation)
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.24.0_x86__3h5nez1g3qt2c [2021-08-14] (GT Office PDF Studio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{9d7602e2-51fa-4133-8d8b-5277272dd0a2}\localserver32 -> C:\Users\LuciFafa\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1117677789-4214877554-3075564690-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2018-04-24 23:07 - 2018-04-24 23:07 - 000013824 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 23:07 - 2018-04-24 23:07 - 001951232 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2022-06-13 15:41 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000243712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000400896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 001091072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-09-26 00:17 - 2018-09-26 00:17 - 004756992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004958720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000759296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000226816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002601472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002841600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000265216 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000264192 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 052137984 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000086528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000234496 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000150016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002236928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000040960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000257024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000071168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-11-03 16:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_27C6E36BE91D64CEA30EC2D1951DF011"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF58EBE6-9047-4600-BD74-3557F4A98BEA}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [TCP Query User{4C2C283E-2680-45AF-B60F-7C5F69186551}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [UDP Query User{C9D5680E-B989-4E48-BE51-378F27EA5DD0}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{F2A83DB1-07EE-433B-AF71-CBE1BA6EFA7A}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{3F7C807D-766A-4EBD-87E4-10D24E364A3A}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{AFA2B0E8-B9B3-4FA9-98CC-50FDEE2826A9}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{76F3E7E5-B4B1-4935-80B6-91FA1E7E914C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33B957B4-FDB5-4287-89AE-075D6A35681F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A970E5AC-8814-4D21-850F-EDDABDE8A561}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85CD6CF5-EBDD-445F-975E-82EF5F1559E1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{186ED2F4-EFFC-492A-971D-A3038B3DCBEA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F5D385D5-4DF8-49D0-80C6-B994543C132F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{20C40F1E-B9E0-4043-8E16-522526821F6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4C109B9C-0E86-4579-8B31-83C415CF9520}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C428E1A-D6D7-41B8-90B2-A32A5F88D61B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C668B2E-5EB3-4E6E-B551-B76A61A9478E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BC8A7952-E93F-4222-A265-863CA59E4B1B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
01-06-2022 11:53:13 Naplánovaný kontrolní bod
10-06-2022 12:30:51 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/13/2022 03:43:39 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (06/13/2022 02:45:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/13/2022 02:22:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/13/2022 02:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Název chybujícího modulu: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Kód výjimky: 0xc0000005
Posun chyby: 0x0132b0b6
ID chybujícího procesu: 0xd80
Čas spuštění chybující aplikace: 0x01d87f1888c080aa
Cesta k chybující aplikaci: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
Cesta k chybujícímu modulu: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
ID zprávy: b7fe49c9-ae00-49f9-8269-8046dcc5f5e9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/12/2022 01:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CCleaner.exe, verze: 6.0.0.9727, časové razítko: 0x627b6e76
Název chybujícího modulu: CCleaner.exe, verze: 6.0.0.9727, časové razítko: 0x627b6e76
Kód výjimky: 0xc0000409
Posun chyby: 0x00b17a66
ID chybujícího procesu: 0x1948
Čas spuštění chybující aplikace: 0x01d87e51aafdf2d8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner.exe
ID zprávy: baefcfb2-5498-49de-9717-09de4a887017
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/11/2022 12:02:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Název chybujícího modulu: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Kód výjimky: 0xc0000005
Posun chyby: 0x0132b0b6
ID chybujícího procesu: 0x21f0
Čas spuštění chybující aplikace: 0x01d87d70e31780f8
Cesta k chybující aplikaci: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
Cesta k chybujícímu modulu: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
ID zprávy: 884529ec-1ce6-4f8e-be37-2ed757822389
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/10/2022 08:00:00 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zálohování nebylo úspěšné. Chyba: Konfigurace zálohování není platná. Zkontrolujte nastavení zálohování. (0x81000029).
Error: (06/10/2022 12:31:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpusrsvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:27:40, 13.6.2022) bylo neočekávané.
Error: (06/12/2022 06:49:18 PM) (Source: DCOM) (EventID: 10005) (User: LuciFafa-PC)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_35ac4bb s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_35ac4bb neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_35ac4bb bylo dosaženo časového limitu (30000 ms).
Error: (06/11/2022 12:04:46 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/09/2022 06:21:16 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-02-11 09:58:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D779E-6F36-4D22-8F8F-8AC500F3D74B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-11 09:43:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D0C70E9-E2E2-47B1-B05D-192075B7D766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-09 15:48:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37353852-E8D8-4FA2-9319-60C0A0C84079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: LuciFafa-PC\LuciFafa
Date: 2021-01-09 15:35:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-09 15:34:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Event[0]:
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2022-06-13 15:49:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk32.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-13 15:46:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-06-13 15:45:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-13 15:45:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 56%
Total physical RAM: 3030.36 MB
Available physical RAM: 1314.69 MB
Total Virtual: 6102.36 MB
Available Virtual: 3881.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:428.54 GB) (Model: ST1000DM 003-1SB10C SATA Disk Device) NTFS
Drive e: (GRID Autosport Complete) (CDROM) (Total:13.65 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{1a79a4a2-92ca-11e5-a372-14dda9805d58}\ (DiRT Rally) (CDROM) (Total:20.44 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-05-2022 (ATTENTION: ====> FRSTversion is 31 days old and could be outdated)
Ran by LuciFafa (administrator) on LUCIFAFA-PC (13-06-2022 16:25:18)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Platform: Microsoft Windows 10 Home Version 21H1 19043.1706 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atieclxx.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [10091088 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [188240 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glarysoft\Quick Startup\StartupManager.exe [46568 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D4B58F6-225A-414C-86C6-6142517E44AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1947984 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-11-10] (Adobe Inc. -> Adobe)
Task: {55047966-87F9-49AC-B67C-C3F06FC3632A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6160C767-EFC6-4EC0-91D7-FD8DCC2F0DC0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5498912 2022-06-07] (VALOFE Co.,Ltd. -> Valofe)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9855590B-F0DB-4E47-ADB7-C33603C35716} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin\Setup.exe [701832 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {B8E7B8B6-4F15-42CA-8BCD-DD35DDC7B7C9} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [68096 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
Task: {BD80CDBE-1726-4F32-B132-CBB2A1225B06} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C5F8BF48-D9C0-49AB-8288-9578F7F23A8A} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C91D36A5-9DCF-46B3-90AC-177377049E24} - System32\Tasks\CCleanerSkipUAC - LuciFafa => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DAED5BBC-2604-4BA3-A0C6-E292004A5685} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E0136285-6E77-4294-AA4C-D156F26CC8DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {E76E1E7A-4B39-4EB2-81FF-287934DD7238} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {F3B0CFB8-19B3-47EC-A984-B9DEFC7B4FE8} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4361040 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 %SystemRoot%\system32\napinsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 %SystemRoot%\system32\wshbth.dll => No File
Winsock: Catalog5 05 %SystemRoot%\system32\NLAapi.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 %SystemRoot%\System32\winrnr.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5 07 %SystemRoot%\System32\mswsock.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{651cc846-fdac-48b2-a304-e0ae3437fe4a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e55cae65-50a3-4f82-bac5-aa71c74b0ab9}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\LuciFafa\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> about:start
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF DefaultProfile: vdbq5k47.default-1616568206022
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 [2022-06-13]
FF Homepage: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> www.google.com
FF NetworkProxy: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2022-05-03]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-16]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe [408552 2018-10-05] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7627912 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-11] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [6283712 2022-04-28] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [623344 2022-04-07] (Piriform Software Ltd -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GUBootService; C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [880616 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
S3 npggsvc; C:\Windows\system32\GameMon.des [9369560 2020-10-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [1900632 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [89704 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmdag.sys [42515432 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmpag.sys [457192 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36832 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [193224 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [325296 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [210600 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [94376 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [19400 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [229520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [401904 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [75136 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [694952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [561000 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [164584 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [269888 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [90600 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2020-09-26] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [27632 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 k750bus; C:\WINDOWS\System32\drivers\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [994136 2022-02-21] (Realtek Semiconductor Corp. -> Realtek)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [39320 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343272 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63736 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-13 16:25 - 2022-06-13 16:26 - 000028623 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2022-06-13 16:24 - 2022-06-13 16:24 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2022-06-13 16:22 - 2022-06-13 16:22 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 007904376 _____ (Glarysoft Ltd) C:\Users\LuciFafa\Downloads\qssetup.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 000027632 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2022-06-13 15:55 - 2022-06-13 15:55 - 000001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000001221 _____ C:\Users\Public\Desktop\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\GlarySoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Common Files\Glarysoft
2022-06-13 15:52 - 2022-06-13 15:52 - 003862520 _____ C:\Users\LuciFafa\Downloads\Autoruns.zip
2022-06-13 11:28 - 2022-06-13 11:28 - 069658934 _____ C:\Users\LuciFafa\Downloads\VID_20220613_112043.mp4
2022-06-12 13:49 - 2022-06-12 13:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 00:36 - 2022-06-13 15:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-07 12:19 - 2022-06-07 12:19 - 000236880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-07 12:19 - 2022-06-07 12:19 - 000164584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-07 10:32 - 2022-06-07 10:32 - 000877152 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\perfmonitor-2_2.04.exe
2022-06-07 10:32 - 2022-06-07 10:32 - 000001156 _____ C:\Users\Public\Desktop\CPUID PerfMonitor2.lnk
2022-06-07 10:30 - 2022-06-07 10:30 - 000001091 _____ C:\Users\Public\Desktop\CPUID ROG CPU-Z.lnk
2022-06-07 10:26 - 2022-06-07 10:26 - 001832088 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-rog-en.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 001443872 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\hwmonitor_1.46.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 000001120 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2022-06-07 10:21 - 2022-06-07 10:21 - 000021431 _____ C:\Users\LuciFafa\Downloads\latency.zip
2022-06-07 10:18 - 2022-06-07 10:18 - 002117608 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-en.exe
2022-06-01 20:59 - 2022-06-01 21:00 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210(1).mp4
2022-06-01 20:59 - 2022-06-01 20:59 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210.mp4
2022-05-25 10:33 - 2022-05-25 10:34 - 868392912 _____ C:\Users\LuciFafa\Downloads\Coco - CZ Dabing - Full HD.avi
2022-05-21 07:43 - 2022-05-21 07:43 - 000000000 ____D C:\ProgramData\Piriform
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-13 16:26 - 2020-05-19 12:22 - 000000000 ____D C:\FRST
2022-06-13 16:25 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2022-06-13 16:13 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-13 16:08 - 2020-09-26 19:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-06-13 16:04 - 2020-09-26 19:55 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-06-13 16:03 - 2020-09-26 19:55 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2022-06-13 15:56 - 2021-10-04 10:56 - 000002320 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - LuciFafa
2022-06-13 15:56 - 2020-09-26 19:55 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-13 15:50 - 2022-02-11 10:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-13 15:50 - 2015-09-25 12:34 - 000000000 ____D C:\Program Files\Google
2022-06-13 15:46 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2022-06-13 15:42 - 2020-09-26 18:58 - 000000000 ____D C:\Users\LuciFafa
2022-06-13 15:41 - 2020-09-26 19:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-13 15:41 - 2020-09-26 19:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-13 15:41 - 2020-09-26 19:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-13 15:41 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-06-13 14:18 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2022-06-12 19:51 - 2021-06-30 20:52 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2022-06-12 18:57 - 2022-02-11 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-06-12 18:57 - 2021-01-25 13:35 - 000002632 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2022-06-12 18:57 - 2021-01-25 13:34 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-06-12 18:57 - 2021-01-25 13:34 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-06-12 18:57 - 2020-09-26 19:55 - 000003390 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-12 18:57 - 2020-09-26 19:55 - 000003166 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-12 13:49 - 2015-09-26 08:21 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-12 01:47 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2022-06-12 01:35 - 2021-07-09 14:09 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2022-06-11 23:26 - 2022-02-11 11:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-10 12:59 - 2020-11-11 17:58 - 000001469 _____ C:\Users\LuciFafa\Desktop\Roblox Player.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000001292 _____ C:\Users\LuciFafa\Desktop\Roblox Studio.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-08 14:18 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-08 14:18 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-07 12:20 - 2022-02-11 11:15 - 000325296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-07 12:20 - 2022-02-11 11:15 - 000269888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000694952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000561000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000401904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000229520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000210600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000193224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000095952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000094376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000075136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000042520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000036832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-07 12:19 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-07 11:24 - 2019-01-15 12:21 - 000000998 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-06-07 11:08 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2022-06-07 10:32 - 2020-02-24 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2022-06-07 10:32 - 2020-02-24 17:14 - 000000000 ____D C:\Program Files\CPUID
2022-06-07 10:19 - 2020-02-24 17:14 - 000001059 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2022-06-07 10:15 - 2018-05-16 14:57 - 000001904 _____ C:\Users\LuciFafa\Desktop\CrystalDiskInfo.lnk
2022-06-07 10:09 - 2019-12-07 08:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-07 10:09 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-05 21:13 - 2022-02-04 17:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\rap
2022-06-05 20:15 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2022-06-03 16:52 - 2019-09-06 21:07 - 000000000 ____D C:\ProgramData\Packages
2022-06-03 13:03 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-02 14:51 - 2019-11-02 19:19 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-02 14:51 - 2019-11-02 19:19 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-01 12:24 - 2015-10-23 11:14 - 000001827 _____ C:\Users\Public\Desktop\Defraggler.lnk
2022-06-01 11:31 - 2020-01-26 13:40 - 000000000 ____D C:\Program Files\Recuva
2022-05-31 14:34 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-05-31 14:22 - 2018-10-14 16:53 - 000000000 ____D C:\Users\LuciFafa\Downloads\Cz&Sk
2022-05-31 14:17 - 2020-11-20 12:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-05-31 13:59 - 2019-09-06 21:11 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\D3DSCache
2022-05-14 19:29 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2022-05-14 12:53 - 2015-10-22 07:41 - 000000000 ____D C:\ProgramData\AVAST Software
==================== Files in the root of some directories ========
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2020-01-26 15:15 - 2014-05-24 21:09 - 000603763 ___SH () C:\Users\LuciFafa\AppData\Roaming\libcurl-4.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, hxxp://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2020-01-26 15:15 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2020-01-26 15:15 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2020-01-26 15:15 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2020-01-26 15:15 - 2014-05-24 21:09 - 000042496 ___SH (Open Source Software community project) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2-w64.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2020-01-26 15:15 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2020-01-26 15:15 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 18:41 - 2019-11-02 18:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 10:38 - 2021-01-09 17:20 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
2020-11-03 12:00 - 2020-11-03 12:02 - 000000072 _____ () C:\Users\LuciFafa\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-05-2022
Ran by LuciFafa (13-06-2022 16:27:27)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 21H1 19043.1706 (X86) (2020-09-26 17:56:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
AMD Problem Report Wizard (HKLM\...\{F2A66AD9-EF75-DE88-2D00-D43DB619A2BC}) (Version: 3.1.722.0 - ##COMPANY_NAME##) Hidden
AMD Settings - Branding (HKLM\...\{C186470C-6BAA-4AFA-AB1A-5AF50B8921C0}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
AMD USB 3.0 Device Detector (HKLM\...\{1D4675D5-0583-44CF-9DDD-3D9BDD4926A8}) (Version: 2.1.30.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{047532BE-2566-17C9-3C42-FED9CCB077D3}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{38230BC0-C1CE-E828-0E65-9439E5EC7FCA}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{5164089A-CA62-D4FE-2AC6-C8334F50AD28}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{61C56115-F7E2-EC86-24BA-BC2395BF5BB9}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{64B16C8D-1877-0D81-9151-225B2340723D}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{81052D74-E26D-FCBD-03B2-5E0D74848A39}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{D07C0DAB-27DE-3917-60C9-AF2A3C45199E}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{F85CEE70-1F81-B9B3-B57F-1F9CDE0F49F7}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.5.6015 - Avast Software)
Avast Update Helper (HKLM\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Combat Arms Reloaded (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Combat Arms Reloaded) (Version: VALOFE - VALOFE Global Ltd.)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CPUID CPU-Z 2.01 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
CPUID HWMonitor 1.46 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.46 - CPUID, Inc.)
CPUID PerfMonitor 2.04 (HKLM\...\CPUID PerfMonitor2_is1) (Version: 2.04 - CPUID, Inc.)
CPUID ROG CPU-Z 2.01 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 2.01 - CPUID, Inc.)
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HP Customer Experience Enhancements (HKLM\...\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}) (Version: 6.0.5.1 - Hewlett-Packard) Hidden
HP Unified IO (HKLM\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 - )
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (CSY) (HKLM\...\{6308154B-B596-3E24-AB86-71986CCD9905}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27033 (HKLM\...\{88D1025F-45D0-45C6-9EDB-379C2EE07AD7}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27033 (HKLM\...\{D5AEE36E-4771-4F65-BDB6-8C59077BFBE4}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 101.0.1 (x86 cs)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MP3 Normalizer version 2.1 (HKLM\...\{BE50A213-FB63-4E7B-89F1-D339D8FFDAAD}_is1) (Version: 2.1 - Code-it Software Solutions)
MP3 Volume Normalizer verze 1.5 (HKLM\...\MP3 Volume Normalizer_is1) (Version: 1.5 - )
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MY.GAMES GameCenter (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\GameCenter) (Version: 4.1542 - MY.COM B.V.)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Prohlížeč Seznam.cz (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quick Startup 5.20.1.174 (HKLM\...\Quick Startup) (Version: 5.20.1.174 - Glarysoft Ltd)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Roblox Player for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-studio) (Version: - Roblox Corporation)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (32-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Youtube Downloader HD v. 4.0 (HKLM\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x86__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10427.388.0_x86__8wekyb3d8bbwe [2022-05-14] (Microsoft Corporation)
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.24.0_x86__3h5nez1g3qt2c [2021-08-14] (GT Office PDF Studio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{9d7602e2-51fa-4133-8d8b-5277272dd0a2}\localserver32 -> C:\Users\LuciFafa\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1117677789-4214877554-3075564690-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2018-04-24 23:07 - 2018-04-24 23:07 - 000013824 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 23:07 - 2018-04-24 23:07 - 001951232 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2022-06-13 15:41 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000243712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000400896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 001091072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-09-26 00:17 - 2018-09-26 00:17 - 004756992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004958720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000759296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000226816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002601472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002841600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000265216 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000264192 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 052137984 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000086528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000234496 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000150016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002236928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000040960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000257024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000071168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-11-03 16:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_27C6E36BE91D64CEA30EC2D1951DF011"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF58EBE6-9047-4600-BD74-3557F4A98BEA}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [TCP Query User{4C2C283E-2680-45AF-B60F-7C5F69186551}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [UDP Query User{C9D5680E-B989-4E48-BE51-378F27EA5DD0}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{F2A83DB1-07EE-433B-AF71-CBE1BA6EFA7A}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{3F7C807D-766A-4EBD-87E4-10D24E364A3A}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{AFA2B0E8-B9B3-4FA9-98CC-50FDEE2826A9}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{76F3E7E5-B4B1-4935-80B6-91FA1E7E914C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33B957B4-FDB5-4287-89AE-075D6A35681F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A970E5AC-8814-4D21-850F-EDDABDE8A561}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85CD6CF5-EBDD-445F-975E-82EF5F1559E1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{186ED2F4-EFFC-492A-971D-A3038B3DCBEA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F5D385D5-4DF8-49D0-80C6-B994543C132F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{20C40F1E-B9E0-4043-8E16-522526821F6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4C109B9C-0E86-4579-8B31-83C415CF9520}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C428E1A-D6D7-41B8-90B2-A32A5F88D61B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C668B2E-5EB3-4E6E-B551-B76A61A9478E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BC8A7952-E93F-4222-A265-863CA59E4B1B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
01-06-2022 11:53:13 Naplánovaný kontrolní bod
10-06-2022 12:30:51 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/13/2022 03:43:39 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (06/13/2022 02:45:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/13/2022 02:22:01 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (06/13/2022 02:17:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Název chybujícího modulu: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Kód výjimky: 0xc0000005
Posun chyby: 0x0132b0b6
ID chybujícího procesu: 0xd80
Čas spuštění chybující aplikace: 0x01d87f1888c080aa
Cesta k chybující aplikaci: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
Cesta k chybujícímu modulu: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
ID zprávy: b7fe49c9-ae00-49f9-8269-8046dcc5f5e9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/12/2022 01:46:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: CCleaner.exe, verze: 6.0.0.9727, časové razítko: 0x627b6e76
Název chybujícího modulu: CCleaner.exe, verze: 6.0.0.9727, časové razítko: 0x627b6e76
Kód výjimky: 0xc0000409
Posun chyby: 0x00b17a66
ID chybujícího procesu: 0x1948
Čas spuštění chybující aplikace: 0x01d87e51aafdf2d8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner.exe
ID zprávy: baefcfb2-5498-49de-9717-09de4a887017
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/11/2022 12:02:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Název chybujícího modulu: PES2015.exe, verze: 1.0.0.0, časové razítko: 0x5450aba2
Kód výjimky: 0xc0000005
Posun chyby: 0x0132b0b6
ID chybujícího procesu: 0x21f0
Čas spuštění chybující aplikace: 0x01d87d70e31780f8
Cesta k chybující aplikaci: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
Cesta k chybujícímu modulu: C:\Program Files\Pro Evolution Soccer 2015\PES2015.exe
ID zprávy: 884529ec-1ce6-4f8e-be37-2ed757822389
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/10/2022 08:00:00 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zálohování nebylo úspěšné. Chyba: Konfigurace zálohování není platná. Zkontrolujte nastavení zálohování. (0x81000029).
Error: (06/10/2022 12:31:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpusrsvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:27:40, 13.6.2022) bylo neočekávané.
Error: (06/12/2022 06:49:18 PM) (Source: DCOM) (EventID: 10005) (User: LuciFafa-PC)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_35ac4bb s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_35ac4bb neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Uživatelská služba pro GameDVR a vysílání her_35ac4bb bylo dosaženo časového limitu (30000 ms).
Error: (06/11/2022 12:04:46 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/09/2022 06:21:16 PM) (Source: DCOM) (EventID: 10010) (User: LuciFafa-PC)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2022-02-11 09:58:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D779E-6F36-4D22-8F8F-8AC500F3D74B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-11 09:43:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D0C70E9-E2E2-47B1-B05D-192075B7D766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-09 15:48:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37353852-E8D8-4FA2-9319-60C0A0C84079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: LuciFafa-PC\LuciFafa
Date: 2021-01-09 15:35:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-09 15:34:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Event[0]:
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2022-06-13 15:49:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk32.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-13 15:46:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-06-13 15:45:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-13 15:45:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 56%
Total physical RAM: 3030.36 MB
Available physical RAM: 1314.69 MB
Total Virtual: 6102.36 MB
Available Virtual: 3881.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:428.54 GB) (Model: ST1000DM 003-1SB10C SATA Disk Device) NTFS
Drive e: (GRID Autosport Complete) (CDROM) (Total:13.65 GB) (Free:0 GB) UDF
Drive g: (AC4 Black Flag) (CDROM) (Total:23.13 GB) (Free:0 GB) CDFS
Drive h: (Pro Evolution Soccer 2015) (CDROM) (Total:5.98 GB) (Free:0 GB) UDF
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{1a79a4a2-92ca-11e5-a372-14dda9805d58}\ (DiRT Rally) (CDROM) (Total:20.44 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kotrolu nebo skála
Zdravím!
Stáhněte a spusťte nově stažený FRST. Dejte nové logy z něj. Ten, který jste použil, je po expiraci. Děkuji
Stáhněte a spusťte nově stažený FRST. Dejte nové logy z něj. Ten, který jste použil, je po expiraci. Děkuji
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kotrolu nebo skála
Ježiš já jsem trdlo moc se omlouvám nějak jsem si nevšimla pardon.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2022
Ran by LuciFafa (administrator) on LUCIFAFA-PC (15-06-2022 09:35:15)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [10091088 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [188240 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glarysoft\Quick Startup\StartupManager.exe [46568 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D4B58F6-225A-414C-86C6-6142517E44AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1947984 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-11-10] (Adobe Inc. -> Adobe)
Task: {55047966-87F9-49AC-B67C-C3F06FC3632A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6160C767-EFC6-4EC0-91D7-FD8DCC2F0DC0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5498912 2022-06-07] (VALOFE Co.,Ltd. -> Valofe)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {91F6C941-ADAC-45BE-A4C7-5CBAD3EC3CEF} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4361040 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {9855590B-F0DB-4E47-ADB7-C33603C35716} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin\Setup.exe [701832 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {B8E7B8B6-4F15-42CA-8BCD-DD35DDC7B7C9} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [68096 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
Task: {BD80CDBE-1726-4F32-B132-CBB2A1225B06} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C5F8BF48-D9C0-49AB-8288-9578F7F23A8A} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C91D36A5-9DCF-46B3-90AC-177377049E24} - System32\Tasks\CCleanerSkipUAC - LuciFafa => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DAED5BBC-2604-4BA3-A0C6-E292004A5685} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E0136285-6E77-4294-AA4C-D156F26CC8DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {E76E1E7A-4B39-4EB2-81FF-287934DD7238} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 %SystemRoot%\system32\napinsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 %SystemRoot%\system32\wshbth.dll => No File
Winsock: Catalog5 05 %SystemRoot%\system32\NLAapi.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 %SystemRoot%\System32\winrnr.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5 07 %SystemRoot%\System32\mswsock.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{651cc846-fdac-48b2-a304-e0ae3437fe4a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e55cae65-50a3-4f82-bac5-aa71c74b0ab9}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\LuciFafa\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> about:start
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF DefaultProfile: vdbq5k47.default-1616568206022
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 [2022-06-15]
FF Homepage: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> www.google.com
FF NetworkProxy: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2022-05-03]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-16]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe [408552 2018-10-05] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7627912 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-11] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [6283712 2022-04-28] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [623344 2022-04-07] (Piriform Software Ltd -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GUBootService; C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [880616 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
S3 npggsvc; C:\Windows\system32\GameMon.des [9369560 2020-10-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [1900632 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [89704 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmdag.sys [42515432 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmpag.sys [457192 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36832 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [193224 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [325296 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [210600 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [94376 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [19400 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [229520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [401904 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [75136 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [694952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [561000 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [164584 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [269888 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [90600 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2020-09-26] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [27632 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 k750bus; C:\WINDOWS\System32\drivers\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [994136 2022-02-21] (Realtek Semiconductor Corp. -> Realtek)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [39320 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343272 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63736 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-15 09:34 - 2022-06-15 09:34 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST(2).exe
2022-06-15 09:33 - 2022-06-15 09:33 - 002368000 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64(1).exe
2022-06-15 08:53 - 2022-06-15 08:53 - 000078848 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-15 08:52 - 2022-06-15 08:52 - 001333760 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-15 08:20 - 2022-06-15 08:20 - 000000000 ___HD C:\$WinREAgent
2022-06-14 18:21 - 2022-06-07 12:19 - 000236880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-14 15:09 - 2022-06-14 15:22 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\IGDump
2022-06-14 15:03 - 2022-06-14 15:03 - 002549096 _____ (Malwarebytes) C:\Users\LuciFafa\Downloads\MBSetup-241B3BDE.exe
2022-06-14 14:55 - 2022-06-14 14:55 - 003870712 _____ (Informer Technologies, Inc. ) C:\Users\LuciFafa\Downloads\siinst.exe
2022-06-14 09:00 - 2022-06-14 09:00 - 000063114 _____ C:\Users\LuciFafa\Desktop\Shortcut.txt
2022-06-14 08:35 - 2022-06-14 08:35 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST(1).exe
2022-06-13 16:27 - 2022-06-14 09:00 - 000055929 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2022-06-13 16:25 - 2022-06-15 09:37 - 000028194 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2022-06-13 16:24 - 2022-06-13 16:24 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2022-06-13 16:22 - 2022-06-13 16:22 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 007904376 _____ (Glarysoft Ltd) C:\Users\LuciFafa\Downloads\qssetup.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 000027632 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2022-06-13 15:55 - 2022-06-13 15:55 - 000001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000001221 _____ C:\Users\Public\Desktop\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\GlarySoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Common Files\Glarysoft
2022-06-13 15:52 - 2022-06-13 15:52 - 003862520 _____ C:\Users\LuciFafa\Downloads\Autoruns.zip
2022-06-13 11:28 - 2022-06-13 11:28 - 069658934 _____ C:\Users\LuciFafa\Downloads\VID_20220613_112043.mp4
2022-06-12 13:49 - 2022-06-12 13:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 00:36 - 2022-06-13 15:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-07 12:19 - 2022-06-07 12:19 - 000164584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-07 10:32 - 2022-06-07 10:32 - 000877152 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\perfmonitor-2_2.04.exe
2022-06-07 10:26 - 2022-06-07 10:26 - 001832088 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-rog-en.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 001443872 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\hwmonitor_1.46.exe
2022-06-07 10:21 - 2022-06-07 10:21 - 000021431 _____ C:\Users\LuciFafa\Downloads\latency.zip
2022-06-07 10:18 - 2022-06-07 10:18 - 002117608 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-en.exe
2022-06-01 20:59 - 2022-06-01 21:00 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210(1).mp4
2022-06-01 20:59 - 2022-06-01 20:59 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210.mp4
2022-05-25 10:33 - 2022-05-25 10:34 - 868392912 _____ C:\Users\LuciFafa\Downloads\Coco - CZ Dabing - Full HD.avi
2022-05-21 07:43 - 2022-05-21 07:43 - 000000000 ____D C:\ProgramData\Piriform
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-15 09:37 - 2020-05-19 12:22 - 000000000 ____D C:\FRST
2022-06-15 09:35 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2022-06-15 09:31 - 2018-01-20 18:08 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-06-15 09:31 - 2018-01-20 18:08 - 000000000 ____D C:\MyGames
2022-06-15 09:28 - 2022-02-11 10:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-15 09:27 - 2020-09-26 19:53 - 001817428 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-15 09:27 - 2019-12-07 14:21 - 000750416 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-15 09:27 - 2019-12-07 14:21 - 000161990 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-15 09:27 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2022-06-15 09:25 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-15 09:24 - 2015-09-25 12:34 - 000000000 ____D C:\Program Files\Google
2022-06-15 09:21 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-15 09:20 - 2020-09-26 19:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-15 09:20 - 2020-09-26 19:38 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-15 09:20 - 2020-09-26 19:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-15 09:20 - 2015-10-22 07:41 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-15 09:19 - 2019-12-07 08:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-15 09:19 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-15 09:17 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-15 09:01 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-15 08:33 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2022-06-15 08:18 - 2015-09-29 16:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-15 08:07 - 2015-09-29 16:22 - 141997616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-14 20:54 - 2022-02-11 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-06-14 20:54 - 2021-06-30 20:52 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2022-06-14 20:54 - 2021-01-25 13:35 - 000002632 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2022-06-14 20:54 - 2021-01-25 13:34 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-06-14 20:54 - 2021-01-25 13:34 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-06-14 20:54 - 2020-09-26 19:55 - 000003390 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-14 20:54 - 2020-09-26 19:55 - 000003166 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-14 18:28 - 2019-11-02 19:19 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-14 18:28 - 2019-11-02 19:19 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-14 18:23 - 2022-02-11 11:18 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-06-14 18:23 - 2022-02-11 11:18 - 000002036 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-06-14 18:22 - 2022-02-11 11:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-14 18:21 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-14 16:09 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-14 15:34 - 2022-02-11 11:15 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-06-14 15:12 - 2022-02-11 11:19 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Avast Software
2022-06-14 15:12 - 2022-02-11 11:14 - 000000000 ____D C:\Program Files\Avast Software
2022-06-14 09:11 - 2020-09-26 19:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-13 20:05 - 2020-09-26 18:58 - 000000000 ____D C:\Users\LuciFafa
2022-06-13 17:00 - 2017-09-05 09:37 - 000000157 _____ C:\Users\LuciFafa\Desktop\HESLO VIRY.txt
2022-06-13 16:08 - 2020-09-26 19:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-06-13 16:04 - 2020-09-26 19:55 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-06-13 16:03 - 2020-09-26 19:55 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2022-06-13 15:56 - 2021-10-04 10:56 - 000002320 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - LuciFafa
2022-06-13 15:56 - 2020-09-26 19:55 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-13 15:46 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2022-06-13 15:41 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-06-13 14:18 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2022-06-12 13:49 - 2015-09-26 08:21 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-12 01:47 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2022-06-12 01:35 - 2021-07-09 14:09 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2022-06-10 12:59 - 2020-11-11 17:58 - 000001469 _____ C:\Users\LuciFafa\Desktop\Roblox Player.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000001292 _____ C:\Users\LuciFafa\Desktop\Roblox Studio.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-07 12:20 - 2022-02-11 11:15 - 000325296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-07 12:20 - 2022-02-11 11:15 - 000269888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000694952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000561000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000401904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000229520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000210600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000193224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000095952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000094376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000075136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000042520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000036832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-07 11:24 - 2019-01-15 12:21 - 000000998 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-06-07 10:15 - 2018-05-16 14:57 - 000001904 _____ C:\Users\LuciFafa\Desktop\CrystalDiskInfo.lnk
2022-06-05 21:13 - 2022-02-04 17:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\rap
2022-06-05 20:15 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2022-06-03 16:52 - 2019-09-06 21:07 - 000000000 ____D C:\ProgramData\Packages
2022-06-03 13:03 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-01 12:24 - 2015-10-23 11:14 - 000001827 _____ C:\Users\Public\Desktop\Defraggler.lnk
2022-06-01 11:31 - 2020-01-26 13:40 - 000000000 ____D C:\Program Files\Recuva
2022-05-31 14:22 - 2018-10-14 16:53 - 000000000 ____D C:\Users\LuciFafa\Downloads\Cz&Sk
2022-05-31 14:17 - 2020-11-20 12:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-05-31 13:59 - 2019-09-06 21:11 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2020-01-26 15:15 - 2014-05-24 21:09 - 000603763 ___SH () C:\Users\LuciFafa\AppData\Roaming\libcurl-4.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, hxxp://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2020-01-26 15:15 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2020-01-26 15:15 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2020-01-26 15:15 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2020-01-26 15:15 - 2014-05-24 21:09 - 000042496 ___SH (Open Source Software community project) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2-w64.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2020-01-26 15:15 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2020-01-26 15:15 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 18:41 - 2019-11-02 18:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 10:38 - 2021-01-09 17:20 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
2020-11-03 12:00 - 2020-11-03 12:02 - 000000072 _____ () C:\Users\LuciFafa\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2022
Ran by LuciFafa (15-06-2022 09:38:53)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X86) (2020-09-26 17:56:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
AMD Problem Report Wizard (HKLM\...\{F2A66AD9-EF75-DE88-2D00-D43DB619A2BC}) (Version: 3.1.722.0 - ##COMPANY_NAME##) Hidden
AMD Settings - Branding (HKLM\...\{C186470C-6BAA-4AFA-AB1A-5AF50B8921C0}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
AMD USB 3.0 Device Detector (HKLM\...\{1D4675D5-0583-44CF-9DDD-3D9BDD4926A8}) (Version: 2.1.30.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{047532BE-2566-17C9-3C42-FED9CCB077D3}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{38230BC0-C1CE-E828-0E65-9439E5EC7FCA}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{5164089A-CA62-D4FE-2AC6-C8334F50AD28}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{61C56115-F7E2-EC86-24BA-BC2395BF5BB9}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{64B16C8D-1877-0D81-9151-225B2340723D}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{81052D74-E26D-FCBD-03B2-5E0D74848A39}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{D07C0DAB-27DE-3917-60C9-AF2A3C45199E}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{F85CEE70-1F81-B9B3-B57F-1F9CDE0F49F7}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.5.6015 - Avast Software)
Avast Update Helper (HKLM\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Combat Arms Reloaded (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Combat Arms Reloaded) (Version: VALOFE - VALOFE Global Ltd.)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HP Customer Experience Enhancements (HKLM\...\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}) (Version: 6.0.5.1 - Hewlett-Packard) Hidden
HP Unified IO (HKLM\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 - )
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (CSY) (HKLM\...\{6308154B-B596-3E24-AB86-71986CCD9905}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27033 (HKLM\...\{88D1025F-45D0-45C6-9EDB-379C2EE07AD7}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27033 (HKLM\...\{D5AEE36E-4771-4F65-BDB6-8C59077BFBE4}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 101.0.1 (x86 cs)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MP3 Normalizer version 2.1 (HKLM\...\{BE50A213-FB63-4E7B-89F1-D339D8FFDAAD}_is1) (Version: 2.1 - Code-it Software Solutions)
MP3 Volume Normalizer verze 1.5 (HKLM\...\MP3 Volume Normalizer_is1) (Version: 1.5 - )
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Prohlížeč Seznam.cz (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quick Startup 5.20.1.174 (HKLM\...\Quick Startup) (Version: 5.20.1.174 - Glarysoft Ltd)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Roblox Player for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-studio) (Version: - Roblox Corporation)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (32-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x86__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10427.388.0_x86__8wekyb3d8bbwe [2022-05-14] (Microsoft Corporation)
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.24.0_x86__3h5nez1g3qt2c [2021-08-14] (GT Office PDF Studio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{9d7602e2-51fa-4133-8d8b-5277272dd0a2}\localserver32 -> C:\Users\LuciFafa\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1117677789-4214877554-3075564690-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2018-04-24 23:07 - 2018-04-24 23:07 - 000013824 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 23:07 - 2018-04-24 23:07 - 001951232 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2022-06-15 09:20 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000243712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000400896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 001091072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-09-26 00:17 - 2018-09-26 00:17 - 004756992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004958720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000759296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000226816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002601472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002841600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000265216 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000264192 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 052137984 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000086528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000234496 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000150016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002236928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000040960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000257024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000071168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-11-03 16:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_27C6E36BE91D64CEA30EC2D1951DF011"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF58EBE6-9047-4600-BD74-3557F4A98BEA}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [TCP Query User{4C2C283E-2680-45AF-B60F-7C5F69186551}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [UDP Query User{C9D5680E-B989-4E48-BE51-378F27EA5DD0}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{F2A83DB1-07EE-433B-AF71-CBE1BA6EFA7A}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{3F7C807D-766A-4EBD-87E4-10D24E364A3A}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{AFA2B0E8-B9B3-4FA9-98CC-50FDEE2826A9}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{76F3E7E5-B4B1-4935-80B6-91FA1E7E914C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33B957B4-FDB5-4287-89AE-075D6A35681F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A970E5AC-8814-4D21-850F-EDDABDE8A561}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85CD6CF5-EBDD-445F-975E-82EF5F1559E1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{186ED2F4-EFFC-492A-971D-A3038B3DCBEA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F5D385D5-4DF8-49D0-80C6-B994543C132F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{20C40F1E-B9E0-4043-8E16-522526821F6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4C109B9C-0E86-4579-8B31-83C415CF9520}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C428E1A-D6D7-41B8-90B2-A32A5F88D61B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C668B2E-5EB3-4E6E-B551-B76A61A9478E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BC8A7952-E93F-4222-A265-863CA59E4B1B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D4370749-044F-46E1-B33F-AF6319809BCF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4070370E-CB0A-4A34-931A-B4BFE8ED7411}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
10-06-2022 12:30:51 Naplánovaný kontrolní bod
14-06-2022 11:38:15 Instalační služba modulů systému Windows
14-06-2022 16:01:39 Instalační služba modulů systému Windows
15-06-2022 08:18:12 Instalační služba modulů systému Windows
15-06-2022 08:32:36 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/15/2022 09:20:53 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (06/15/2022 08:32:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/15/2022 08:18:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/14/2022 06:54:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
System errors:
=============
Error: (06/14/2022 03:53:39 PM) (Source: DCOM) (EventID: 10001) (User: LuciFafa-PC)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (06/14/2022 03:39:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (06/14/2022 03:31:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpusrsvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:27:40, 13.6.2022) bylo neočekávané.
Error: (06/12/2022 06:49:18 PM) (Source: DCOM) (EventID: 10005) (User: LuciFafa-PC)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_35ac4bb s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_35ac4bb neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2022-02-11 09:58:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D779E-6F36-4D22-8F8F-8AC500F3D74B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-11 09:43:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D0C70E9-E2E2-47B1-B05D-192075B7D766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-09 15:48:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37353852-E8D8-4FA2-9319-60C0A0C84079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: LuciFafa-PC\LuciFafa
Date: 2021-01-09 15:35:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-09 15:34:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Event[0]:
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2022-06-15 09:27:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk32.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-15 09:21:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-15 09:21:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 62%
Total physical RAM: 3030.36 MB
Available physical RAM: 1145.02 MB
Total Virtual: 6102.36 MB
Available Virtual: 3933.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:443.17 GB) (Model: ST1000DM 003-1SB10C SATA Disk Device) NTFS
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2022
Ran by LuciFafa (administrator) on LUCIFAFA-PC (15-06-2022 09:35:15)
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Platform: Microsoft Windows 10 Home Version 21H2 19044.1766 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(explorer.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) [File not signed] C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\System32\PnkBstrA.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [10091088 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NUSB3MON] => C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [188240 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Run: [GUDelayStartup] => C:\Program Files\Glarysoft\Quick Startup\StartupManager.exe [46568 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [200704 2009-09-16] (Hewlett Packard) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.63\Installer\chrmstp.exe [2022-06-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1341ABBB-78DB-4E4D-8A35-5DDA86AF973F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {1770BB4B-35E9-40B1-A407-932BB5969459} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {1CF0C451-0775-4B00-AE47-7DFE8EDAB5AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {24FA84A0-E087-48EC-BC51-2B9C4C815D78} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {2A5EB73E-0E29-4E90-8F07-424A175FF490} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2D4B58F6-225A-414C-86C6-6142517E44AF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1947984 2022-05-24] (Avast Software s.r.o. -> Avast Software)
Task: {367F930A-A3DB-4112-B1F1-50E92A171C88} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {37F687A7-A1EC-49D0-9C6C-FFF191B2D7E3} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {52A6C2AC-44AE-46B7-87DF-2D58DF54A27F} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_32_0_0_445_Plugin.exe [1502264 2020-11-10] (Adobe Inc. -> Adobe)
Task: {55047966-87F9-49AC-B67C-C3F06FC3632A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6160C767-EFC6-4EC0-91D7-FD8DCC2F0DC0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {70CB6F2E-9890-4DBA-9669-7B62A80B6BFE} - System32\Tasks\{2C168AB7-D565-42E8-9497-5F708AEBE37C} => C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe [5498912 2022-06-07] (VALOFE Co.,Ltd. -> Valofe)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {91F6C941-ADAC-45BE-A4C7-5CBAD3EC3CEF} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4361040 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
Task: {9855590B-F0DB-4E47-ADB7-C33603C35716} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin\Setup.exe [701832 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {A7B2DD51-B885-4014-9E5A-9392F4848566} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {B8B2386F-6E5B-4023-8FFB-FE6F7B837124} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {B8E7B8B6-4F15-42CA-8BCD-DD35DDC7B7C9} - System32\Tasks\Microsoft\Windows\AppListBackup\Backup => {E0DCC2CC-3354-45F2-8914-519E07809082} C:\WINDOWS\system32\AppListBackupLauncher.dll [68096 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
Task: {BD80CDBE-1726-4F32-B132-CBB2A1225B06} - System32\Tasks\StartCN => C:\Program Files\AMD\\CNext\CNext\cncmd.exe [43400 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C5F8BF48-D9C0-49AB-8288-9578F7F23A8A} - System32\Tasks\StartDVR => C:\Program Files\AMD\\CNext\CNext\dvrcmd.exe [59272 2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C91D36A5-9DCF-46B3-90AC-177377049E24} - System32\Tasks\CCleanerSkipUAC - LuciFafa => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DAED5BBC-2604-4BA3-A0C6-E292004A5685} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E0136285-6E77-4294-AA4C-D156F26CC8DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [155432 2019-10-23] (Google Inc -> Google LLC)
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {E76E1E7A-4B39-4EB2-81FF-287934DD7238} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-05-11] (Piriform Software Ltd -> Piriform)
Task: {E79B2998-8F63-451A-A56D-26EDC0A5098A} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 01 %SystemRoot%\system32\napinsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 %SystemRoot%\system32\wshbth.dll => No File
Winsock: Catalog5 05 %SystemRoot%\system32\NLAapi.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 %SystemRoot%\System32\winrnr.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5 07 %SystemRoot%\System32\mswsock.dll => No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{651cc846-fdac-48b2-a304-e0ae3437fe4a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e55cae65-50a3-4f82-bac5-aa71c74b0ab9}: [DhcpNameServer] 192.168.42.129
Edge:
=======
DownloadDir: C:\Users\LuciFafa\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> about:start
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FireFox:
========
FF DefaultProfile: vdbq5k47.default-1616568206022
FF ProfilePath: C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 [2022-06-15]
FF Homepage: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> www.google.com
FF NetworkProxy: Mozilla\Firefox\Profiles\vdbq5k47.default-1616568206022 -> type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_32_0_0_445.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2018-01-05] (Nexon) [File not signed]
FF Plugin: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [2009-11-19] (OGPlanet -> OGPlanet)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-1117677789-4214877554-3075564690-1000: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Users\LuciFafa\AppData\Local\AVAST Software\Browser\Update\1.8.1206.2\npAvastBrowserUpdate3.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default [2022-05-03]
CHR Extension: (Prezentace) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-02]
CHR Extension: (Dokumenty) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-02]
CHR Extension: (Disk Google) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-02]
CHR Extension: (Tabulky) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-16]
CHR Extension: (Gmail) - C:\Users\LuciFafa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atiesrxx.exe [408552 2018-10-05] (Advanced Micro Devices, Inc. -> AMD)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] (ASUSTeK Computer Inc. -> )
R2 AsSysCtrlService; C:\Program Files\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] (ASUSTeK Computer Inc. -> ) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7627912 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [520016 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-02-11] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [6283712 2022-04-28] (BattlEye Innovations e.K. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [623344 2022-04-07] (Piriform Software Ltd -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1034584 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GUBootService; C:\Program Files\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [880616 2022-06-12] (Glarysoft LTD -> Glarysoft Ltd)
S3 npggsvc; C:\Windows\system32\GameMon.des [9369560 2020-10-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2018-11-14] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\NisSrv.exe [1900632 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2201.10-0\MsMpEng.exe [89704 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmdag.sys [42515432 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\ct334123.inf_x86_f8c501d7d775b475\B333740\atikmpag.sys [457192 2018-10-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 amdkmpfd; C:\WINDOWS\System32\DRIVERS\amdkmpfd.sys [40136 2014-10-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [73928 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [36040 2015-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2014-07-23] (ASUSTeK Computer Inc. -> )
S3 AsusVBus; C:\WINDOWS\System32\DRIVERS\AsusVBus.sys [33048 2017-01-09] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36832 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [193224 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [325296 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [210600 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [94376 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [19400 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [229520 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [401904 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [75136 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [694952 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [561000 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [164584 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [48152 2018-09-07] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [269888 2022-06-07] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT3.sys [90600 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ATP; C:\WINDOWS\System32\DRIVERS\AsusTP.sys [66872 2017-01-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2020-09-26] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 btnetBUs; C:\WINDOWS\System32\Drivers\btnetBus.sys [22528 2009-09-24] () [File not signed]
R1 ccSet_NST; C:\WINDOWS\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [25016 2015-10-14] (Disc Soft Ltd -> Disc Soft Ltd)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [27632 2022-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.)
S3 k750bus; C:\WINDOWS\System32\drivers\k750bus.sys [55216 2005-02-11] (Microsoft Windows Hardware Compatibility Publisher -> MCCI)
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [15688 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [994136 2022-02-21] (Realtek Semiconductor Corp. -> Realtek)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [5120 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [48352 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [15872 2020-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [39320 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [343272 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63736 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [218624 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-15 09:34 - 2022-06-15 09:34 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST(2).exe
2022-06-15 09:33 - 2022-06-15 09:33 - 002368000 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST64(1).exe
2022-06-15 08:53 - 2022-06-15 08:53 - 000078848 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-15 08:52 - 2022-06-15 08:52 - 001333760 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-15 08:20 - 2022-06-15 08:20 - 000000000 ___HD C:\$WinREAgent
2022-06-14 18:21 - 2022-06-07 12:19 - 000236880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-06-14 15:09 - 2022-06-14 15:22 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\IGDump
2022-06-14 15:03 - 2022-06-14 15:03 - 002549096 _____ (Malwarebytes) C:\Users\LuciFafa\Downloads\MBSetup-241B3BDE.exe
2022-06-14 14:55 - 2022-06-14 14:55 - 003870712 _____ (Informer Technologies, Inc. ) C:\Users\LuciFafa\Downloads\siinst.exe
2022-06-14 09:00 - 2022-06-14 09:00 - 000063114 _____ C:\Users\LuciFafa\Desktop\Shortcut.txt
2022-06-14 08:35 - 2022-06-14 08:35 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST(1).exe
2022-06-13 16:27 - 2022-06-14 09:00 - 000055929 _____ C:\Users\LuciFafa\Desktop\Addition.txt
2022-06-13 16:25 - 2022-06-15 09:37 - 000028194 _____ C:\Users\LuciFafa\Desktop\FRST.txt
2022-06-13 16:24 - 2022-06-13 16:24 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Downloads\FRST.exe
2022-06-13 16:22 - 2022-06-13 16:22 - 002073088 _____ (Farbar) C:\Users\LuciFafa\Desktop\FRST.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 007904376 _____ (Glarysoft Ltd) C:\Users\LuciFafa\Downloads\qssetup.exe
2022-06-13 15:55 - 2022-06-13 15:55 - 000027632 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys
2022-06-13 15:55 - 2022-06-13 15:55 - 000001233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000001221 _____ C:\Users\Public\Desktop\Quick Startup.lnk
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\GlarySoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\ProgramData\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Glarysoft
2022-06-13 15:55 - 2022-06-13 15:55 - 000000000 ____D C:\Program Files\Common Files\Glarysoft
2022-06-13 15:52 - 2022-06-13 15:52 - 003862520 _____ C:\Users\LuciFafa\Downloads\Autoruns.zip
2022-06-13 11:28 - 2022-06-13 11:28 - 069658934 _____ C:\Users\LuciFafa\Downloads\VID_20220613_112043.mp4
2022-06-12 13:49 - 2022-06-12 13:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-12 00:36 - 2022-06-13 15:41 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-07 12:19 - 2022-06-07 12:19 - 000164584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2022-06-07 10:32 - 2022-06-07 10:32 - 000877152 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\perfmonitor-2_2.04.exe
2022-06-07 10:26 - 2022-06-07 10:26 - 001832088 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-rog-en.exe
2022-06-07 10:23 - 2022-06-07 10:23 - 001443872 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\hwmonitor_1.46.exe
2022-06-07 10:21 - 2022-06-07 10:21 - 000021431 _____ C:\Users\LuciFafa\Downloads\latency.zip
2022-06-07 10:18 - 2022-06-07 10:18 - 002117608 _____ (CPUID, Inc. ) C:\Users\LuciFafa\Downloads\cpu-z_2.01-en.exe
2022-06-01 20:59 - 2022-06-01 21:00 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210(1).mp4
2022-06-01 20:59 - 2022-06-01 20:59 - 229280135 _____ C:\Users\LuciFafa\Downloads\VID_20220601_202210.mp4
2022-05-25 10:33 - 2022-05-25 10:34 - 868392912 _____ C:\Users\LuciFafa\Downloads\Coco - CZ Dabing - Full HD.avi
2022-05-21 07:43 - 2022-05-21 07:43 - 000000000 ____D C:\ProgramData\Piriform
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-06-15 09:37 - 2020-05-19 12:22 - 000000000 ____D C:\FRST
2022-06-15 09:35 - 2016-11-18 16:12 - 000000000 ____D C:\Users\LuciFafa\AppData\LocalLow\Mozilla
2022-06-15 09:31 - 2018-01-20 18:08 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2022-06-15 09:31 - 2018-01-20 18:08 - 000000000 ____D C:\MyGames
2022-06-15 09:28 - 2022-02-11 10:14 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-15 09:27 - 2020-09-26 19:53 - 001817428 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-15 09:27 - 2019-12-07 14:21 - 000750416 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-15 09:27 - 2019-12-07 14:21 - 000161990 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-15 09:27 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2022-06-15 09:25 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-15 09:24 - 2015-09-25 12:34 - 000000000 ____D C:\Program Files\Google
2022-06-15 09:21 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-15 09:20 - 2020-09-26 19:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-15 09:20 - 2020-09-26 19:38 - 000274608 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-15 09:20 - 2020-09-26 19:37 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-15 09:20 - 2015-10-22 07:41 - 000000000 ____D C:\ProgramData\AVAST Software
2022-06-15 09:19 - 2019-12-07 08:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-06-15 09:19 - 2015-09-25 12:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-15 09:17 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-15 09:17 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-15 09:01 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-15 08:33 - 2017-09-05 09:37 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\AVAST Software
2022-06-15 08:18 - 2015-09-29 16:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-15 08:07 - 2015-09-29 16:22 - 141997616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-14 20:54 - 2022-02-11 11:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-06-14 20:54 - 2021-06-30 20:52 - 000000000 ____D C:\Program Files\Common Files\BattlEye
2022-06-14 20:54 - 2021-01-25 13:35 - 000002632 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2022-06-14 20:54 - 2021-01-25 13:34 - 000002204 _____ C:\WINDOWS\system32\Tasks\StartCN
2022-06-14 20:54 - 2021-01-25 13:34 - 000002118 _____ C:\WINDOWS\system32\Tasks\StartDVR
2022-06-14 20:54 - 2020-09-26 19:55 - 000003390 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-06-14 20:54 - 2020-09-26 19:55 - 000003166 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-06-14 18:28 - 2019-11-02 19:19 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-14 18:28 - 2019-11-02 19:19 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-14 18:23 - 2022-02-11 11:18 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2022-06-14 18:23 - 2022-02-11 11:18 - 000002036 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2022-06-14 18:22 - 2022-02-11 11:15 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-06-14 18:21 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-06-14 16:09 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-14 15:34 - 2022-02-11 11:15 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-06-14 15:12 - 2022-02-11 11:19 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Avast Software
2022-06-14 15:12 - 2022-02-11 11:14 - 000000000 ____D C:\Program Files\Avast Software
2022-06-14 09:11 - 2020-09-26 19:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-13 20:05 - 2020-09-26 18:58 - 000000000 ____D C:\Users\LuciFafa
2022-06-13 17:00 - 2017-09-05 09:37 - 000000157 _____ C:\Users\LuciFafa\Desktop\HESLO VIRY.txt
2022-06-13 16:08 - 2020-09-26 19:55 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-06-13 16:04 - 2020-09-26 19:55 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-06-13 16:03 - 2020-09-26 19:55 - 000002872 _____ C:\WINDOWS\system32\Tasks\Java Updater
2022-06-13 15:56 - 2021-10-04 10:56 - 000002320 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - LuciFafa
2022-06-13 15:56 - 2020-09-26 19:55 - 000003254 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-06-13 15:46 - 2019-01-15 12:21 - 000000000 ____D C:\Program Files\CCleaner
2022-06-13 15:41 - 2015-09-26 08:21 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2022-06-13 14:18 - 2018-10-23 11:17 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\CrashDumps
2022-06-12 13:49 - 2015-09-26 08:21 - 000001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-12 01:47 - 2015-12-26 21:36 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\AIMP
2022-06-12 01:35 - 2021-07-09 14:09 - 000000000 ____D C:\Users\LuciFafa\Desktop\Nová složka (2)
2022-06-10 12:59 - 2020-11-11 17:58 - 000001469 _____ C:\Users\LuciFafa\Desktop\Roblox Player.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000001292 _____ C:\Users\LuciFafa\Desktop\Roblox Studio.lnk
2022-06-10 12:59 - 2020-11-11 17:57 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-06-07 12:20 - 2022-02-11 11:15 - 000325296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-06-07 12:20 - 2022-02-11 11:15 - 000269888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000694952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000561000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000401904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000229520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000210600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000193224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000095952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000094376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000075136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000042520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2022-06-07 12:19 - 2022-02-11 11:15 - 000036832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2022-06-07 11:24 - 2019-01-15 12:21 - 000000998 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-06-07 10:15 - 2018-05-16 14:57 - 000001904 _____ C:\Users\LuciFafa\Desktop\CrystalDiskInfo.lnk
2022-06-05 21:13 - 2022-02-04 17:08 - 000000000 ____D C:\Users\LuciFafa\Desktop\rap
2022-06-05 20:15 - 2015-09-29 19:05 - 000000000 ____D C:\Users\LuciFafa\AppData\Roaming\vlc
2022-06-03 16:52 - 2019-09-06 21:07 - 000000000 ____D C:\ProgramData\Packages
2022-06-03 13:03 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-06-01 12:24 - 2015-10-23 11:14 - 000001827 _____ C:\Users\Public\Desktop\Defraggler.lnk
2022-06-01 11:31 - 2020-01-26 13:40 - 000000000 ____D C:\Program Files\Recuva
2022-05-31 14:22 - 2018-10-14 16:53 - 000000000 ____D C:\Users\LuciFafa\Downloads\Cz&Sk
2022-05-31 14:17 - 2020-11-20 12:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-05-31 13:59 - 2019-09-06 21:11 - 000000000 ____D C:\Users\LuciFafa\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2016-06-03 15:03 - 2016-06-03 15:03 - 000000603 _____ () C:\Program Files\Blacklight Retribution_enUpdaterLog.txt
2020-01-26 15:15 - 2014-05-24 21:09 - 000603763 ___SH () C:\Users\LuciFafa\AppData\Roaming\libcurl-4.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000626176 ___SH (The cURL library, hxxp://curl.haxx.se/) C:\Users\LuciFafa\AppData\Roaming\libcurl.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 001704448 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\libeay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000112142 ___SH () C:\Users\LuciFafa\AppData\Roaming\libgcc_s_dw2-1.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000279955 ___SH () C:\Users\LuciFafa\AppData\Roaming\libidn-11.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000148760 ___SH () C:\Users\LuciFafa\AppData\Roaming\libpdcurses.dll
2020-01-26 15:15 - 2014-05-04 11:16 - 000207360 ___SH (CodePlex Community) C:\Users\LuciFafa\AppData\Roaming\Microsoft.Win32.TaskScheduler.dll
2020-01-26 15:15 - 2013-08-11 15:41 - 000044032 ___SH (NirSoft) C:\Users\LuciFafa\AppData\Roaming\nircmd.exe
2020-01-26 15:15 - 2014-06-29 13:35 - 000294912 ___SH () C:\Users\LuciFafa\AppData\Roaming\nssm.exe
2016-06-03 15:01 - 2017-10-17 19:38 - 000022328 _____ () C:\Users\LuciFafa\AppData\Roaming\PnkBstrK.sys
2020-01-26 15:15 - 2014-05-24 21:09 - 000042496 ___SH (Open Source Software community project) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2-w64.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000119704 ___SH (Open Source Software community LGPL) C:\Users\LuciFafa\AppData\Roaming\pthreadGC2.dll
2020-01-26 15:15 - 2014-06-26 17:21 - 001193458 ___SH () C:\Users\LuciFafa\AppData\Roaming\Runservice.exe
2020-01-26 15:15 - 2014-05-26 20:16 - 000364544 ___SH (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\LuciFafa\AppData\Roaming\ssleay32.dll
2020-01-26 15:15 - 2014-05-26 20:16 - 000113166 ___SH () C:\Users\LuciFafa\AppData\Roaming\zlib1.dll
2019-11-02 18:41 - 2019-11-02 18:41 - 000000038 _____ () C:\Users\LuciFafa\AppData\Local\cloudready_installer_uuid
2015-09-28 10:38 - 2021-01-09 17:20 - 000007602 _____ () C:\Users\LuciFafa\AppData\Local\Resmon.ResmonCfg
2020-11-03 12:00 - 2020-11-03 12:02 - 000000072 _____ () C:\Users\LuciFafa\AppData\Local\update_progress.txt
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2022
Ran by LuciFafa (15-06-2022 09:38:53)
Running from C:\Users\LuciFafa\Desktop
Microsoft Windows 10 Home Version 21H2 19044.1766 (X86) (2020-09-26 17:56:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1117677789-4214877554-3075564690-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1117677789-4214877554-3075564690-503 - Limited - Disabled)
Guest (S-1-5-21-1117677789-4214877554-3075564690-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1117677789-4214877554-3075564690-1004 - Limited - Enabled)
LuciFafa (S-1-5-21-1117677789-4214877554-3075564690-1000 - Administrator - Enabled) => C:\Users\LuciFafa
WDAGUtilityAccount (S-1-5-21-1117677789-4214877554-3075564690-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Assassin`s Creed III» 1.06 (HKLM\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}_is1) (Version: 1.06 - Ubisoft)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.001.20117 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.445 - Adobe)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AIMP (HKLM\...\AIMP) (Version: v4.70.2251, 23.05.2021 - AIMP DevTeam)
AMD Problem Report Wizard (HKLM\...\{F2A66AD9-EF75-DE88-2D00-D43DB619A2BC}) (Version: 3.1.722.0 - ##COMPANY_NAME##) Hidden
AMD Settings - Branding (HKLM\...\{C186470C-6BAA-4AFA-AB1A-5AF50B8921C0}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.9.3 - Advanced Micro Devices, Inc.)
AMD USB 3.0 Device Detector (HKLM\...\{1D4675D5-0583-44CF-9DDD-3D9BDD4926A8}) (Version: 2.1.30.0 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{047532BE-2566-17C9-3C42-FED9CCB077D3}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{38230BC0-C1CE-E828-0E65-9439E5EC7FCA}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{5164089A-CA62-D4FE-2AC6-C8334F50AD28}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{61C56115-F7E2-EC86-24BA-BC2395BF5BB9}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{64B16C8D-1877-0D81-9151-225B2340723D}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{81052D74-E26D-FCBD-03B2-5E0D74848A39}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{D07C0DAB-27DE-3917-60C9-AF2A3C45199E}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (HKLM\...\{F85CEE70-1F81-B9B3-B57F-1F9CDE0F49F7}) (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Angry Birds (HKLM\...\{24066C1A-104E-4577-9C28-2AE772005C1F}) (Version: 4.0.0 - Rovio Entertainment Ltd.)
Assassins Creed IV Black Flag (HKLM\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.5.6015 - Avast Software)
Avast Update Helper (HKLM\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - )
Catalyst Control Center - Branding (HKLM\...\{11087D24-567D-7D88-69C6-D7A08B5F4C47}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.00 - Piriform)
CCleaner Update Helper (HKLM\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1187.1 - Piriform Software) Hidden
Combat Arms Reloaded (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Combat Arms Reloaded) (Version: VALOFE - VALOFE Global Ltd.)
Combat Arms the Classic (HKLM\...\CA_Classic) (Version: - )
CrystalDiskInfo 7.6.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Debugging Tools for Windows (x86) (HKLM\...\{300A2961-B2B5-4889-9CB9-5C2A570D08AD}) (Version: 6.11.1.404 - Microsoft Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DiRT Rally (HKLM\...\ZGlydHJhbGx5_is1) (Version: 1 - )
FORM studio (HKLM\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Gameforge Live 2.0.13 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.13 - Gameforge)
Google Chrome (HKLM\...\Google Chrome) (Version: 102.0.5005.63 - Google LLC)
GRID Autosport Complete Edition (HKLM\...\Z3JpZGF1dG9zcG9ydA_is1) (Version: 1 - )
HP Customer Experience Enhancements (HKLM\...\{0CC8AE1D-F5AA-4143-8FAD-E017E0E9EE70}) (Version: 6.0.5.1 - Hewlett-Packard) Hidden
HP Unified IO (HKLM\...\{F1390872-2500-4408-A46C-CD16C960C661}) (Version: 2.0.0.434 - HP) Hidden
HPLJUTCore (HKLM\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
hppM125LaserJetService (HKLM\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM\...\{E35D0ED5-716B-4E1F-8477-54DD746DF527}) (Version: 140.040.00231 - Hewlett Packard) Hidden
K-Lite Mega Codec Pack 11.5.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
Lame ACM MP3 Codec (HKLM\...\LameACM) (Version: - )
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 - )
Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4.7.2 (CSY) (HKLM\...\{6308154B-B596-3E24-AB86-71986CCD9905}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{10C4E843-C226-3FDF-9DD6-F4E3275E734D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (HKLM\...\{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (HKLM\...\{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}) (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27033 (HKLM\...\{624ba875-fdfc-4efa-9c66-b170dfebc3ec}) (Version: 14.16.27033.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27033 (HKLM\...\{88D1025F-45D0-45C6-9EDB-379C2EE07AD7}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27033 (HKLM\...\{D5AEE36E-4771-4F65-BDB6-8C59077BFBE4}) (Version: 14.16.27033 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (HKLM\...\{E3B64CC5-C011-40C0-92BC-7316CD5E5688}) (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 101.0.1 (x86 cs)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 101.0.1.8194 - Mozilla)
MP3 Normalizer version 2.1 (HKLM\...\{BE50A213-FB63-4E7B-89F1-D339D8FFDAAD}_is1) (Version: 2.1 - Code-it Software Solutions)
MP3 Volume Normalizer verze 1.5 (HKLM\...\MP3 Volume Normalizer_is1) (Version: 1.5 - )
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pro Evolution Soccer 2015 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
Pro Evolution Soccer 2016 (HKLM\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1) (Version: 1 - )
Prohlížeč Seznam.cz (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Seznam Browser) (Version: 6.9.0 - Seznam.cz a.s.)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quick Startup 5.20.1.174 (HKLM\...\Quick Startup) (Version: 5.20.1.174 - Glarysoft Ltd)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9205.1 - Realtek Semiconductor Corp.)
Roblox Player for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for LuciFafa (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\roblox-studio) (Version: - Roblox Corporation)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - Gameforge 4D GmbH)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Warface My.Com (HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\Warface My.Com) (Version: 1.74 - My.com B.V.)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 6.02 (32-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM\...\x264vfw) (Version: - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x86__8wekyb3d8bbwe [2022-06-08] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10427.388.0_x86__8wekyb3d8bbwe [2022-05-14] (Microsoft Corporation)
Trio Office -> C:\Program Files\WindowsApps\64343GTDocStudio.OfficeDocOpener_3.2.24.0_x86__3h5nez1g3qt2c [2021-08-14] (GT Office PDF Studio)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000_Classes\CLSID\{9d7602e2-51fa-4133-8d8b-5277272dd0a2}\localserver32 -> C:\Users\LuciFafa\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe (Seznam.cz, a.s. -> Seznam.cz)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files\AIMP\System\aimp_menu32.dll [2021-07-10] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacmxx.dll [2018-09-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-06-07] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1117677789-4214877554-3075564690-1000: [VIDEOTRANS] -> {C8CA0A66-AF32-4D5E-879E-F0809ACEDC55} => C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll [2007-06-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\WINDOWS\system32\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINDOWS\system32\LameACM.acm [839680 2014-03-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv.dll [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega.acm [73728 2010-02-17] () [File not signed]
HKLM\...\Drivers32: [vidc.mjpx] => C:\WINDOWS\system32\bdmjpeg.dll [14848 2010-02-17] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
ShortcutWithArgument: C:\Users\LuciFafa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=2&aff_sub2=3vW7d674xwPahcoL14LJA8P1yFGNipcgG3isbGA4nyxhisd8ssKwisHipJgAAAOisBiszMie&click_id=1eb056b9ba3ba75af06c956758d86d20b332eab2
==================== Loaded Modules (Whitelisted) =============
2018-04-24 23:07 - 2018-04-24 23:07 - 000013824 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 23:07 - 2018-04-24 23:07 - 001951232 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000104448 ____R () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\ATKEX.dll
2015-09-25 12:56 - 2022-06-15 09:20 - 000026112 _____ () [File not signed] C:\Program Files\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2007-06-16 17:18 - 2007-06-16 17:18 - 000032768 _____ () [File not signed] C:\Program Files\Media Player Utilities 4.46\AMVConverter\AmvTransform.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2015-09-25 12:56 - 2014-07-23 03:59 - 000028672 ____R (ASUSTek Computer Inc.) [File not signed] C:\WINDOWS\SYSTEM32\asio.dll
2009-09-16 18:37 - 2009-09-16 18:37 - 000118784 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2009-09-16 18:38 - 2009-09-16 18:38 - 000200704 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2009-09-16 11:44 - 2009-09-16 11:44 - 000139264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2009-09-16 18:40 - 2009-09-16 18:40 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000026112 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000243712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000020992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000019968 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000400896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 001091072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-09-26 00:17 - 2018-09-26 00:17 - 004756992 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004958720 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000759296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000226816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002601472 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002841600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000265216 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000264192 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 052137984 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000086528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 004452352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000234496 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000150016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 002236928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000040960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000257024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000071168 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 23:07 - 2018-04-24 23:07 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-1117677789-4214877554-3075564690-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2019-11-03 16:00 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2018-11-25 14:19 - 2018-11-25 14:28 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LuciFafa-PC.mshome.net # 2023 11 5 24 12 28 50 123
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Pinnacle\Shared Files\;C:\Windows\system32\Wbem;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\LuciFafa\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: MyComGames => "C:\Users\LuciFafa\AppData\Local\MyComGames\MyComGames.exe" -autostart
HKLM\...\StartupApproved\StartupFolder: => "Avast SecureLine VPN.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GlassWire"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_27C6E36BE91D64CEA30EC2D1951DF011"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1117677789-4214877554-3075564690-1000\...\StartupApproved\Run: => "GUDelayStartup"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{AF58EBE6-9047-4600-BD74-3557F4A98BEA}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [TCP Query User{4C2C283E-2680-45AF-B60F-7C5F69186551}C:\valofeeu\ca_classic\voicechat.exe] => (Allow) C:\valofeeu\ca_classic\voicechat.exe (VALOFE Co.,Ltd. -> )
FirewallRules: [UDP Query User{C9D5680E-B989-4E48-BE51-378F27EA5DD0}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{F2A83DB1-07EE-433B-AF71-CBE1BA6EFA7A}C:\program files\assassins creed iv black flag\ac4bfmp.exe] => (Block) C:\program files\assassins creed iv black flag\ac4bfmp.exe (Ubisoft Entertainment SA -> ) [File not signed]
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [{EC87A27C-4074-4AA5-BBFD-9211877F2D38}] => (Allow) C:\Program Files\GameforgeLive\gfl_client.exe (Gameforge 4D GmbH -> )
FirewallRules: [{CDD954B7-20A5-498C-9D61-42E0CAA801E8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7B950B8E-B792-4B3C-9C6B-16CA488974BC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{FCF751CB-8BE5-4862-BF29-4484D9A2273E}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [UDP Query User{F3F2ABE5-DE71-4224-A7CC-C5F87635F948}C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe] => (Block) C:\r.g. catalyst\assassin`s creed iii\ac3sp.exe (Ubisoft Entertainment SA -> )
FirewallRules: [{7EF9D1B9-A961-412F-8121-54703B007668}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{D94F133B-68D5-4D67-802E-BBAB479A690A}] => (Allow) C:\ProgramData\VALOFEEU\NGM\NGM.exe (valofe Co.,Ltd. -> Nexon)
FirewallRules: [{B62F51D2-CB7F-4467-B68F-05ADACF73D9B}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{FE8601DC-5AF1-4D41-9EE1-43B036E365C3}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{28D684D2-201F-4CCE-86A4-569C7B53CFB8}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CE685811-8353-43A0-A229-8CCF53A9D23D}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D95C7E3B-0885-4494-8F1D-52E56FAFE42F}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8857EC3E-97CB-4162-978D-67E0E074E9D2}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F9DDEA7B-3523-497E-BE08-4FE3153575F6}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [{D446791A-4EC4-4388-9308-91E40AE6E082}] => (Allow) C:\Program Files\Steam\steamapps\common\AVA\launcher.exe (En Masse Entertainment -> En Masse Entertainment)
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [{220C6B6F-CA5A-4F4C-9728-D0CEFCDA7C97}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{3E15E737-175B-4C45-B5DC-5A51FA4AE876}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A048AB68-9C44-4BAA-93F6-D7CB77BB7F31}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{7268D25D-F217-4CA9-86E2-FB6B413E2033}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{63968150-81BF-476E-A288-660AD9FB5B96}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{6C5050AF-2961-45EE-8CE0-062ACF12A65F}C:\program files\pro evolution soccer 2016\pes2016.exe] => (Allow) C:\program files\pro evolution soccer 2016\pes2016.exe (Konami Digital Entertainment Co., Ltd. -> Konami Digital Entertainment Co., Ltd.) [File not signed]
FirewallRules: [{F311D39B-F000-4043-BB9A-068CA6FFAE17}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{C2C938D0-FF05-49C9-896D-4AF0FCCF670D}] => (Allow) C:\Program Files\GameforgeLive\Games\CZE_ces\S.K.I.L.L\Binaries\Win32\sf2.exe (DRAGONFLY GF CO., LTD. -> DragonflyGames, Inc.)
FirewallRules: [{3F7C807D-766A-4EBD-87E4-10D24E364A3A}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{AFA2B0E8-B9B3-4FA9-98CC-50FDEE2826A9}] => (Allow) C:\VALOFEEU\CA_Classic\NMService.exe (VALOFE Co.,Ltd. -> Nexon Corp.)
FirewallRules: [{76F3E7E5-B4B1-4935-80B6-91FA1E7E914C}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{33B957B4-FDB5-4287-89AE-075D6A35681F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{A970E5AC-8814-4D21-850F-EDDABDE8A561}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{85CD6CF5-EBDD-445F-975E-82EF5F1559E1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{186ED2F4-EFFC-492A-971D-A3038B3DCBEA}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F5D385D5-4DF8-49D0-80C6-B994543C132F}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{20C40F1E-B9E0-4043-8E16-522526821F6D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4C109B9C-0E86-4579-8B31-83C415CF9520}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6C428E1A-D6D7-41B8-90B2-A32A5F88D61B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0C668B2E-5EB3-4E6E-B551-B76A61A9478E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{BC8A7952-E93F-4222-A265-863CA59E4B1B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D4370749-044F-46E1-B33F-AF6319809BCF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4070370E-CB0A-4A34-931A-B4BFE8ED7411}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
DomainProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
DomainProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => C:\Nexon\Combat Arms EU\Combatarms.exe:*Enabled:Combatarms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\CombatArmsBeta\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Nexon\Library\combatarms\appdata\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\CombatArms.exe] => :*Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CombatArms\NMService.exe] => Enabled:NMService.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\CombatArmsClassic.exe] => :*Enabled:CombatArmsClassic.exe
StandardProfile\AuthorizedApplications: [C:\VALOFEEU\CA_Classic\Engine.exe] => :*Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\CombatArms.exe] => Enabled:CombatArms.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\Engine.exe] => Enabled:Engine.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Valofe\CombatArms\NMService.exe] => Enabled:NMService.exe
==================== Restore Points =========================
10-06-2022 12:30:51 Naplánovaný kontrolní bod
14-06-2022 11:38:15 Instalační služba modulů systému Windows
14-06-2022 16:01:39 Instalační služba modulů systému Windows
15-06-2022 08:18:12 Instalační služba modulů systému Windows
15-06-2022 08:32:36 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/15/2022 09:20:53 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (06/15/2022 09:18:53 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (06/15/2022 08:32:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/15/2022 08:18:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/14/2022 06:54:44 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.
System errors:
=============
Error: (06/14/2022 03:53:39 PM) (Source: DCOM) (EventID: 10001) (User: LuciFafa-PC)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge.AppXeb42j1vh6rk395pm0vmcx57dxqjhej5d.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (06/14/2022 03:39:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (06/14/2022 03:31:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} se v daném časovém limitu neregistroval u služby DCOM.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpusrsvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (06/13/2022 03:41:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:27:40, 13.6.2022) bylo neočekávané.
Error: (06/12/2022 06:49:18 PM) (Source: DCOM) (EventID: 10005) (User: LuciFafa-PC)
Description: Služba DCOM zjistila chybu 1053 při pokusu o spuštění služby BcastDVRUserService_35ac4bb s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Media.Capture.Internal.AppCaptureShell
Error: (06/12/2022 06:49:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Uživatelská služba pro GameDVR a vysílání her_35ac4bb neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
================
Date: 2022-02-11 09:58:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CB9D779E-6F36-4D22-8F8F-8AC500F3D74B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-02-11 09:43:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D0C70E9-E2E2-47B1-B05D-192075B7D766}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-09 15:48:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {37353852-E8D8-4FA2-9319-60C0A0C84079}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: LuciFafa-PC\LuciFafa
Date: 2021-01-09 15:35:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Date: 2021-01-09 15:34:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LuciFafa\Downloads\FRST.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LuciFafa-PC\LuciFafa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.329.1924.0, AS: 1.329.1924.0, NIS: 1.329.1924.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4
Event[0]:
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2022-06-01 11:35:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.12.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
CodeIntegrity:
===============
Date: 2022-06-15 09:27:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk32.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-15 09:21:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2022-06-15 09:21:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 2301 04/24/2015
Motherboard: ASUSTeK COMPUTER INC. A88XM-A
Processor: AMD A8-7600 Radeon R7, 10 Compute Cores 4C+6G
Percentage of memory in use: 62%
Total physical RAM: 3030.36 MB
Available physical RAM: 1145.02 MB
Total Virtual: 6102.36 MB
Available Virtual: 3933.74 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:443.17 GB) (Model: ST1000DM 003-1SB10C SATA Disk Device) NTFS
\\?\Volume{bfa7490a-636e-11e5-a8d8-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS
\\?\Volume{09292a41-0000-0000-0000-90c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 09292A41)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt =======================
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kotrolu nebo skála
Stane se a nic se neděje. Jsme tu také od toho, abychom na to upozornili. Nyní spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kotrolu nebo skála
Tak snad ok jen restart neproběhl což bych potřebovala asi už já.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-15-2022
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 32044
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S14].txt - [2629 octets] - [05/03/2021 08:38:24]
AdwCleaner[C14].txt - [2799 octets] - [05/03/2021 08:38:35]
AdwCleaner[S15].txt - [2687 octets] - [05/03/2021 08:39:12]
AdwCleaner[S16].txt - [2748 octets] - [05/08/2021 09:14:00]
AdwCleaner[S17].txt - [2809 octets] - [05/01/2022 16:00:23]
AdwCleaner[S18].txt - [2870 octets] - [05/01/2022 16:01:09]
AdwCleaner[C18].txt - [3060 octets] - [05/01/2022 16:01:55]
AdwCleaner[S19].txt - [2992 octets] - [05/01/2022 16:05:52]
AdwCleaner[C19].txt - [3182 octets] - [05/01/2022 16:05:59]
AdwCleaner[S20].txt - [3114 octets] - [11/02/2022 10:06:45]
AdwCleaner[S21].txt - [3175 octets] - [24/03/2022 08:10:54]
AdwCleaner[S22].txt - [3236 octets] - [11/05/2022 09:34:12]
AdwCleaner[S23].txt - [3297 octets] - [31/05/2022 11:02:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S24].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-03-15.3 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-15-2022
# Duration: 00:00:08
# OS: Windows 10 Home
# Scanned: 32044
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S14].txt - [2629 octets] - [05/03/2021 08:38:24]
AdwCleaner[C14].txt - [2799 octets] - [05/03/2021 08:38:35]
AdwCleaner[S15].txt - [2687 octets] - [05/03/2021 08:39:12]
AdwCleaner[S16].txt - [2748 octets] - [05/08/2021 09:14:00]
AdwCleaner[S17].txt - [2809 octets] - [05/01/2022 16:00:23]
AdwCleaner[S18].txt - [2870 octets] - [05/01/2022 16:01:09]
AdwCleaner[C18].txt - [3060 octets] - [05/01/2022 16:01:55]
AdwCleaner[S19].txt - [2992 octets] - [05/01/2022 16:05:52]
AdwCleaner[C19].txt - [3182 octets] - [05/01/2022 16:05:59]
AdwCleaner[S20].txt - [3114 octets] - [11/02/2022 10:06:45]
AdwCleaner[S21].txt - [3175 octets] - [24/03/2022 08:10:54]
AdwCleaner[S22].txt - [3236 octets] - [11/05/2022 09:34:12]
AdwCleaner[S23].txt - [3297 octets] - [31/05/2022 11:02:21]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S24].txt ##########
Re: Prosím o kotrolu nebo skála
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [16/05/2020 11:38:24]
AdwCleaner[C00].txt - [1590 octets] - [16/05/2020 11:39:13]
AdwCleaner[S01].txt - [1574 octets] - [24/06/2020 10:18:22]
AdwCleaner[S02].txt - [1635 octets] - [24/06/2020 10:19:42]
AdwCleaner[S03].txt - [1696 octets] - [17/08/2020 16:43:40]
AdwCleaner[C03].txt - [1866 octets] - [17/08/2020 16:52:24]
AdwCleaner[S04].txt - [1818 octets] - [28/08/2020 18:40:59]
AdwCleaner[C04].txt - [1988 octets] - [28/08/2020 18:41:12]
AdwCleaner[S05].txt - [1940 octets] - [28/10/2020 14:38:01]
AdwCleaner[C05].txt - [2110 octets] - [28/10/2020 14:38:20]
AdwCleaner[S06].txt - [2016 octets] - [11/11/2020 12:03:35]
AdwCleaner[S07].txt - [2077 octets] - [11/11/2020 12:04:06]
AdwCleaner[C07].txt - [2267 octets] - [11/11/2020 12:04:33]
AdwCleaner[S08].txt - [2199 octets] - [11/11/2020 12:11:36]
AdwCleaner[S09].txt - [2260 octets] - [19/12/2020 19:42:08]
AdwCleaner[S10].txt - [2321 octets] - [19/12/2020 19:42:49]
AdwCleaner[S11].txt - [2382 octets] - [03/01/2021 13:02:05]
AdwCleaner[S12].txt - [2443 octets] - [01/02/2021 16:30:11]
AdwCleaner[S13].txt - [2504 octets] - [01/02/2021 16:30:51]
AdwCleaner[S14].txt - [2629 octets] - [05/03/2021 08:38:24]
AdwCleaner[C14].txt - [2799 octets] - [05/03/2021 08:38:35]
AdwCleaner[S15].txt - [2687 octets] - [05/03/2021 08:39:12]
AdwCleaner[S16].txt - [2748 octets] - [05/08/2021 09:14:00]
AdwCleaner[S17].txt - [2809 octets] - [05/01/2022 16:00:23]
AdwCleaner[S18].txt - [2870 octets] - [05/01/2022 16:01:09]
AdwCleaner[C18].txt - [3060 octets] - [05/01/2022 16:01:55]
AdwCleaner[S19].txt - [2992 octets] - [05/01/2022 16:05:52]
AdwCleaner[C19].txt - [3182 octets] - [05/01/2022 16:05:59]
AdwCleaner[S20].txt - [3114 octets] - [11/02/2022 10:06:45]
AdwCleaner[S21].txt - [3175 octets] - [24/03/2022 08:10:54]
AdwCleaner[S22].txt - [3236 octets] - [11/05/2022 09:34:12]
AdwCleaner[S23].txt - [3297 octets] - [31/05/2022 11:02:21]
AdwCleaner[S24].txt - [2199 octets] - [15/06/2022 10:30:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C24].txt ##########
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [16/05/2020 11:38:24]
AdwCleaner[C00].txt - [1590 octets] - [16/05/2020 11:39:13]
AdwCleaner[S01].txt - [1574 octets] - [24/06/2020 10:18:22]
AdwCleaner[S02].txt - [1635 octets] - [24/06/2020 10:19:42]
AdwCleaner[S03].txt - [1696 octets] - [17/08/2020 16:43:40]
AdwCleaner[C03].txt - [1866 octets] - [17/08/2020 16:52:24]
AdwCleaner[S04].txt - [1818 octets] - [28/08/2020 18:40:59]
AdwCleaner[C04].txt - [1988 octets] - [28/08/2020 18:41:12]
AdwCleaner[S05].txt - [1940 octets] - [28/10/2020 14:38:01]
AdwCleaner[C05].txt - [2110 octets] - [28/10/2020 14:38:20]
AdwCleaner[S06].txt - [2016 octets] - [11/11/2020 12:03:35]
AdwCleaner[S07].txt - [2077 octets] - [11/11/2020 12:04:06]
AdwCleaner[C07].txt - [2267 octets] - [11/11/2020 12:04:33]
AdwCleaner[S08].txt - [2199 octets] - [11/11/2020 12:11:36]
AdwCleaner[S09].txt - [2260 octets] - [19/12/2020 19:42:08]
AdwCleaner[S10].txt - [2321 octets] - [19/12/2020 19:42:49]
AdwCleaner[S11].txt - [2382 octets] - [03/01/2021 13:02:05]
AdwCleaner[S12].txt - [2443 octets] - [01/02/2021 16:30:11]
AdwCleaner[S13].txt - [2504 octets] - [01/02/2021 16:30:51]
AdwCleaner[S14].txt - [2629 octets] - [05/03/2021 08:38:24]
AdwCleaner[C14].txt - [2799 octets] - [05/03/2021 08:38:35]
AdwCleaner[S15].txt - [2687 octets] - [05/03/2021 08:39:12]
AdwCleaner[S16].txt - [2748 octets] - [05/08/2021 09:14:00]
AdwCleaner[S17].txt - [2809 octets] - [05/01/2022 16:00:23]
AdwCleaner[S18].txt - [2870 octets] - [05/01/2022 16:01:09]
AdwCleaner[C18].txt - [3060 octets] - [05/01/2022 16:01:55]
AdwCleaner[S19].txt - [2992 octets] - [05/01/2022 16:05:52]
AdwCleaner[C19].txt - [3182 octets] - [05/01/2022 16:05:59]
AdwCleaner[S20].txt - [3114 octets] - [11/02/2022 10:06:45]
AdwCleaner[S21].txt - [3175 octets] - [24/03/2022 08:10:54]
AdwCleaner[S22].txt - [3236 octets] - [11/05/2022 09:34:12]
AdwCleaner[S23].txt - [3297 octets] - [31/05/2022 11:02:21]
AdwCleaner[S24].txt - [2199 octets] - [15/06/2022 10:30:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C24].txt ##########
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kotrolu nebo skála
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kotrolu nebo skála
Doufám že je to dobře
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-06-2022
Ran by LuciFafa (15-06-2022 18:03:02) Run:1
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin" => removed successfully.
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully.
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F983359-DF03-40CA-8C66-C8389544BBF5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F983359-DF03-40CA-8C66-C8389544BBF5}" => removed successfully.
C:\Windows\System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{002AE781-3C13-4988-9DD7-5C950841373F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E5D4FB0-BC25-4160-9C8A-D8F458BE987F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E5D4FB0-BC25-4160-9C8A-D8F458BE987F}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ED3DE3C-4F79-485B-9306-97AFE797BB4E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ED3DE3C-4F79-485B-9306-97AFE797BB4E}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{AB4E247F-3307-4A04-A06F-34E942D8613D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB4E247F-3307-4A04-A06F-34E942D8613D}" => removed successfully.
C:\Windows\System32\Tasks\Java Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5A10CDF-C165-46D4-92E0-60FE090D47C5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5A10CDF-C165-46D4-92E0-60FE090D47C5}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 1572864 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54993577 B
Java, Discord, Steam htmlcache => 93529577 B
Windows/system/drivers => 15233645 B
Edge => 17408 B
Chrome => 151552 B
Firefox => 1585216955 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 69816 B
NetworkService => 19853496 B
LuciFafa => 560688304 B
RecycleBin => 0 B
EmptyTemp: => 2.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:07:18 ====
Fix result of Farbar Recovery Scan Tool (x86) Version: 15-06-2022
Ran by LuciFafa (15-06-2022 18:03:02) Run:1
Running from C:\Users\LuciFafa\Desktop
Loaded Profiles: LuciFafa
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (No File)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3F983359-DF03-40CA-8C66-C8389544BBF5} - System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => C:\Program Files\Nexon\Nexon Launcher\nexon_launcher.exe (No File)
Task: {83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {8E5D4FB0-BC25-4160-9C8A-D8F458BE987F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {9ED3DE3C-4F79-485B-9306-97AFE797BB4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {AB4E247F-3307-4A04-A06F-34E942D8613D} - System32\Tasks\Java Updater => C:\Users\LuciFafa\AppData\Roaming\nircmd.exe [44032 2013-08-11] (NirSoft) [File not signed] -> exec hide "C:\Users\LuciFafa\AppData\Roaming\Redist.exe" <==== ATTENTION
Task: {E5A10CDF-C165-46D4-92E0-60FE090D47C5} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe => No File
FirewallRules: [TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
FirewallRules: [UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin" => removed successfully.
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully.
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Google => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A95B8C8-B1C9-402B-ADA9-0FC3D224F57C}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F983359-DF03-40CA-8C66-C8389544BBF5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F983359-DF03-40CA-8C66-C8389544BBF5}" => removed successfully.
C:\Windows\System32\Tasks\{002AE781-3C13-4988-9DD7-5C950841373F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{002AE781-3C13-4988-9DD7-5C950841373F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83CC6E3E-1B1E-46A5-9804-E32CB79B5FA5}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E5D4FB0-BC25-4160-9C8A-D8F458BE987F}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E5D4FB0-BC25-4160-9C8A-D8F458BE987F}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9ED3DE3C-4F79-485B-9306-97AFE797BB4E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9ED3DE3C-4F79-485B-9306-97AFE797BB4E}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{AB4E247F-3307-4A04-A06F-34E942D8613D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB4E247F-3307-4A04-A06F-34E942D8613D}" => removed successfully.
C:\Windows\System32\Tasks\Java Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Java Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5A10CDF-C165-46D4-92E0-60FE090D47C5}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5A10CDF-C165-46D4-92E0-60FE090D47C5}" => removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully.
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{46399DCA-573F-4286-B236-9030E170AA85}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3B1B9D02-F2AA-4AE3-8F5E-34376C338569}C:\users\lucifafa\appdata\local\mycomgames\mycomgames.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F53E705D-E7F5-45B9-915F-19E5944A1C59}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0957E6CE-664B-4153-818A-2F79CEFC3259}C:\users\lucifafa\appdata\local\gamecenter\gamecenter.exe" => removed successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 1572864 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54993577 B
Java, Discord, Steam htmlcache => 93529577 B
Windows/system/drivers => 15233645 B
Edge => 17408 B
Chrome => 151552 B
Firefox => 1585216955 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 69816 B
NetworkService => 19853496 B
LuciFafa => 560688304 B
RecycleBin => 0 B
EmptyTemp: => 2.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:07:18 ====
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kotrolu nebo skála
Je to OK. Bylo smazáno, log by již měl být v pořádku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kotrolu nebo skála
Děkuji moc o poznání je rychlejší víc asi nenáděláme. Ono by také pomohlo přeinstalování je plný blbostí odpadu atd. copak na to má člověk čas a náladu.
Ještě jednou díky dám mu šanci a skála nebude.
Jste zlatý pánové a skláním se před vámi že jste tu již tolik let a stále pomáháte.
S pozdravem Vaše věrná zákaznice.
Ještě jednou díky dám mu šanci a skála nebude.
Jste zlatý pánové a skláním se před vámi že jste tu již tolik let a stále pomáháte.
S pozdravem Vaše věrná zákaznice.
- Rudy
- Site Admin
- Příspěvky: 118715
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kotrolu nebo skála
Děkujeme za uznání a nemáte zač! Máme to tu jako relax
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.