Blue screen of death - log check

daldous
Visitor
Posts: 56
Registered: 12 Nov 2006 09:56

#1 Post by daldous »

Hello, a blue screen of death occasionally appears on my laptop, cause unknown. I would like to ask for a check of the logs to see whether there is any malware on the laptop.
Thank you
Dalibor

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by daldo (administrator) on KALOUSEK-NTB (LENOVO 82EY) (18-05-2024 08:50:40)
Running from C:\Users\daldo\Desktop\FRST64.exe
Loaded Profiles: daldo
Platform: Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> Software Security System) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekag20nt.exe
(C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe ->) (Avast Software s.r.o. -> The CefSharp Authors) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Users\daldo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ->) (Seznam.cz, a.s. -> ) C:\Users\daldo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(explorer.exe ->) (20E7E2C9-A2A9-4A02-BB29-6FCFB9E042BB -> Lenovo) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <2>
(explorer.exe ->) (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.) C:\Program Files\Pentablet\PenTablet.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Seznam.cz, a.s. -> ) C:\Users\daldo\AppData\Roaming\Seznam.cz\szninstall.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369673.inf_amd64_58833994acffc9ae\B369681\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_64ea833c46d6bad8\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Seznam.cz, a.s. -> ) C:\Users\daldo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(svchost.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <43>
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2403.5.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1086248 2020-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [423832 2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [PenTablet] => C:\Program Files\Pentablet\PenTablet.exe [1103480 2022-09-26] (Hanvon Ugee Technology Co., Ltd. -> XPPEN TECHNOLOGY CO.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [10276248 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\daldo\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\daldo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9255640 2024-02-05] (Lavasoft Software Canada Inc. -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [46113536 2024-04-17] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Run: [MicrosoftEdgeAutoLaunch_990E1BFB3546B7698C65D0E199A6D191] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\MountPoints2: {276eeb9b-70cd-11ec-8391-803049a697c2} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\Windows\system32\CNMLMDG.DLL [485376 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series XPS: C:\Windows\system32\CNMXLMDG.DLL [487424 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\125.0.6422.60\Installer\chrmstp.exe [2024-05-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B40AA9C1-8888-48BB-83E8-221110862C1A} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4979096 2024-03-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {29D41059-839E-49C8-ABB3-68DB226E3119} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {B368E92E-6C2C-44FB-A61E-ADB2102BD129} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5188504 2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {F8EE3AAA-8C9E-45D0-BEF5-11D0C6038F8F} - System32\Tasks\Avast Software\AvastAntiTrackPremiumStart => C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [812456 2024-01-31] (Avast Software s.r.o. -> AVAST Software)
Task: {2160A7C6-3F8F-4C08-B196-91F1E97D2F9B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {00C7D778-BB23-4C53-A242-406F73329AFD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{2E7BF87B-9716-4900-B818-8AFCB0B67D05} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {3871A6D7-C483-4892-973C-7102C32B4C53} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {0CB7B013-152F-428D-8AC0-781454A48146} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {8FEBA907-F123-4017-B13F-C28D10848E01} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\Windows\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {5157A689-4867-402E-8C3E-A9FFFADC53DF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\22664f2c-1164-4817-b69e-9203c8f7f890 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {830CC4F2-8A8B-4D6A-9125-90112ED86441} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5859a7f7-086c-4cbd-8dcf-306bd89e0c29 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {407E2EE5-8B31-450F-A6D0-99DA185E719D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8e07a0e9-0b78-4317-8530-56c3f2579f11 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8674C7C2-E56B-4CFA-880D-A868A9F8B4D3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c4887309-90c4-4b6e-97e0-2237ccc0f43b => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C0B61463-C175-48A8-84D6-7EEBAA41BDAC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ccfaddee-7f45-4830-af87-7439a3ccffe5 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {77B26A2F-981D-4371-B259-647D9D8C2AE4} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {7748563E-50DD-4969-8DEE-C65E01DE83FB} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6F4FB469-1B56-489B-94D7-311A3B2B7BA0} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {8AD9CF6F-91F6-4CF6-BA08-7634F4D16C13} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {C07C0F36-7276-41B4-9798-C52144A00CBF} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {1524FD18-0254-471A-9ADF-8294D4FBC189} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {5A4FE27F-8D7F-4C1D-83FC-1E8B1225BFC7} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {926D2E79-6891-4B47-9D1F-E55D66364067} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {38593243-0CDF-40A8-9EC9-C6FBE1D313A9} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {9D977C12-09A6-4A7D-B45E-1DC4027C54C7} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {4EA21C5C-B26F-435E-B14E-B07C24C09E82} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {85EF0710-390A-4A22-B4FD-803E3C25A78F} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {111DC431-0E94-408F-8A59-4F21B06E9340} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {7DD4CEF4-3AB7-4AE8-87B4-EDBB3B0D2740} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {1FE2ED55-64B5-4DC9-BA98-072B88289143} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {6AB336EB-8EF5-41E9-82F6-46C4A6D8F839} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe [5656192 2024-04-10] (Microsoft Windows -> Microsoft Corporation)
Task: {65325C96-180D-4143-B253-E7B0065D83B8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {78E8C95C-77F2-46C2-AC4D-835FAA216F17} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28436048 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {326612DD-958B-4980-B7E6-7BFAF54803B1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7DB5431-1D88-4E26-8C5A-F3E022970A62} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309936 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2957216-1A67-4A82-8E45-D28188621AEA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168928 2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDFBECFD-AEBE-4A2E-91BE-1A44C0C61100} - System32\Tasks\Microsoft\Windows\NetFramework\Microsoft .NET Framework => C:\Windows\Microsoft.NET\Framework\v3.5\mscorsvw.exe [3691520 2020-12-30] () [File not signed] <==== ATTENTION
Task: {FB70E670-02DB-4BD4-8F83-18538E0D113E} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {0584940B-7722-4E2A-897B-1141BA34D2AB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-10-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F03BA546-371A-48AF-BA97-085753468F0A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3301176 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E5FE67F-0C39-4E89-A6DD-898C244C8250} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {50A6B091-C345-4160-90E6-2797BEF93D21} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {26729A38-B0A3-415C-9E7D-0D3EBF05AF34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EB84A66C-D410-4732-BC1E-348756776389} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44D8CB4B-2FF3-4CD5-8FEC-E5CF0DB86372} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {44793E96-E0E5-42A4-B290-AAA5B7BCE8A9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED60C142-6C86-4781-AFAB-1273266511F0} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1128424 2020-10-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {48EC2182-751E-4EF0-AD25-09B3A730017C} - System32\Tasks\Opera scheduled assistant Autoupdate 1607962508 => C:\Users\daldo\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\daldo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D50BD541-3B09-440C-BBDE-37AD9D13469A} - System32\Tasks\Opera scheduled Autoupdate 1607962503 => C:\Users\daldo\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 176.31.104.226 cod2master.activision.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a7b53d25-c5de-42cf-8613-e2742191a48a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a7b53d25-c5de-42cf-8613-e2742191a48a}\35F4E45445D2055524C49434: [DhcpNameServer] 8.8.8.8 8.8.4.4 1.1.1.1
Tcpip\..\Interfaces\{a7b53d25-c5de-42cf-8613-e2742191a48a}\4505D2C494E4B4F553244443: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{a7b53d25-c5de-42cf-8613-e2742191a48a}\75966696F5352505E4052495846425: [DhcpNameServer] 192.168.10.10
Tcpip\..\Interfaces\{a7b53d25-c5de-42cf-8613-e2742191a48a}\75966696F5352545C4648574236553: [DhcpNameServer] 192.168.10.10
Tcpip\..\Interfaces\{d0876e07-e468-4378-ad92-0701b9cb14b0}: [DhcpNameServer] 150.211.1.2

Edge:
=======
Edge Profile: C:\Users\daldo\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-18]
Edge Extension: (Dokumenty Google offline) - C:\Users\daldo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\daldo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default [2024-05-18]
CHR Notifications: Default -> hxxps://cz.coccodrillo.eu; hxxps://www.vivre.cz
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html"
CHR Extension: (Seznam Doplněk – Email) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2023-10-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-05-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-13]
CHR Extension: (SearchPreview) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo [2022-10-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Seznam.cz) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-08-12]
CHR Extension: (Avast AntiTrack Premium) - C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppdidpcihajhihmghhhkfnpklgdehold [2023-09-11]
CHR Profile: C:\Users\daldo\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-27]
CHR HKU\S-1-5-21-54108041-3537599779-3304371934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-54108041-3537599779-3304371934-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]

Opera:
=======
OPR Profile: C:\Users\daldo\AppData\Roaming\Opera Software\Opera Stable [2020-12-14]
OPR Extension: (Rich Hints Agent) - C:\Users\daldo\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-12-14]
OPR Extension: (Safe Torrent Scanner) - C:\Users\daldo\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpabaecgmgbeapjghcfhohnbljcocknl [2020-12-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9139608 2024-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [766360 2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1201560 2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastAntiTrackSvc; C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\AntiTrackSvc.exe [6013848 2024-01-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-24] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248120 2024-05-07] (Microsoft Corporation -> Microsoft Corporation)
U2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2022-04-08] (Lavasoft Software Canada Inc. -> ) <==== ATTENTION
R2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [16925592 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-10] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [443344 2020-05-25] (Canon Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11154176 2024-04-17] (Logitech Inc -> Logitech, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2545752 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3485784 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 QcomWlanSrv; C:\Windows\System32\drivers\QcomWlanSrvx64.exe [189768 2022-11-09] (Qualcomm Atheros, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_64ea833c46d6bad8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_64ea833c46d6bad8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20528 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [230448 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [379960 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [292920 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [27760 2024-02-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28728 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268856 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548912 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [93752 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [935992 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [695864 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [201784 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [306232 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2022-04-08] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [42256 2020-12-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [59344 2020-12-29] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60784 2023-12-06] (Lenovo -> Lenovo)
R3 H2OFFT; C:\Windows\System32\drivers\H2OFFT64.sys [76616 2021-08-23] (INSYDE SOFTWARE CORP. -> Insyde Software)
R3 hanvonugeemfilter; C:\Windows\System32\drivers\hanvonugeemfilter.sys [9728 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 logi_generic_hid_filter; C:\Windows\system32\drivers\logi_generic_hid_filter.sys [62288 2022-10-14] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2022-10-14] (Logitech Inc -> Logitech)
S3 logi_joy_hid_filter; C:\Windows\system32\drivers\logi_joy_hid_filter.sys [63824 2022-10-14] (Logitech Inc -> Logitech)
S3 logi_joy_hid_lo; C:\Windows\system32\drivers\logi_joy_hid_lo.sys [51536 2022-10-14] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2022-10-14] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2022-10-14] (Logitech Inc -> Logitech)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [124952 2023-09-11] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2021-11-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435424 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-22] (Microsoft Windows -> Microsoft Corporation)
R3 XPPenTablet; C:\Windows\System32\drivers\XPPenTablet.sys [10752 2022-04-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
U1 aswbdisk; no ImagePath
S3 mfeavfk01; \Device\mfeavfk01.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-05-18 08:50 - 2024-05-18 08:51 - 000038070 _____ C:\Users\daldo\Desktop\FRST.txt
2024-05-18 08:50 - 2024-05-18 08:50 - 000000000 ____D C:\FRST
2024-05-18 08:49 - 2024-05-18 08:49 - 002394112 _____ (Farbar) C:\Users\daldo\Desktop\FRST64.exe
2024-05-18 08:41 - 2024-05-18 08:41 - 002532268 _____ C:\Windows\Minidump\051824-10562-01.dmp
2024-05-18 07:34 - 2024-05-18 07:34 - 000000000 ___HD C:\$WinREAgent
2024-05-17 17:15 - 2024-05-17 17:15 - 000002586 _____ C:\Users\daldo\Desktop\Paradox Launcher v2.lnk
2024-05-17 17:15 - 2024-05-17 17:15 - 000000000 ____D C:\Users\daldo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2024-05-16 20:07 - 2024-05-17 22:53 - 000071215 _____ C:\Users\daldo\Desktop\MS v hokeji 2024 DOMA_all_test.xlsm
2024-05-15 17:52 - 2024-05-15 17:52 - 000000000 ____D C:\Users\daldo\AppData\LocalLow\IronGate
2024-05-10 12:00 - 2024-05-10 12:00 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-05-09 13:43 - 2024-05-09 13:43 - 000000000 ____D C:\Users\daldo\Documents\Warm Lamp Games
2024-05-09 13:43 - 2024-05-09 13:43 - 000000000 ____D C:\Users\daldo\AppData\LocalLow\Warm Lamp Games
2024-04-26 15:05 - 2024-04-26 15:05 - 000000039 _____ C:\Users\daldo\AppData\Local\kritadisplayrc

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-05-18 18:44 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-18 18:44 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-18 18:44 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-18 18:44 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2024-05-18 18:44 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2024-05-18 18:44 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2024-05-18 08:51 - 2021-08-28 20:02 - 000000000 ____D C:\Users\daldo\AppData\Roaming\Seznam.cz
2024-05-18 08:48 - 2020-09-19 07:06 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-18 08:47 - 2023-09-11 21:46 - 000000000 ____D C:\Users\daldo\AppData\Local\AvastAntiTrackPremium
2024-05-18 08:47 - 2021-01-24 21:17 - 000000000 ____D C:\Users\daldo\AppData\Local\SquirrelTemp
2024-05-18 08:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-18 08:47 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-05-18 08:46 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-05-18 08:45 - 2020-05-06 20:33 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-18 08:45 - 2020-05-06 20:33 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-18 08:42 - 2023-09-25 20:49 - 000000000 ____D C:\Windows\Minidump
2024-05-18 08:42 - 2019-12-07 11:03 - 001048576 _____ C:\Windows\system32\config\BBI
2024-05-18 08:41 - 2023-09-25 20:49 - 3011751930 _____ C:\Windows\MEMORY.DMP
2024-05-18 08:41 - 2020-05-06 20:33 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-05-18 08:02 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-05-18 07:38 - 2020-09-19 07:46 - 000718024 _____ C:\Windows\system32\perfh005.dat
2024-05-18 07:38 - 2020-09-19 07:46 - 000145166 _____ C:\Windows\system32\perfc005.dat
2024-05-18 07:38 - 2020-05-06 20:41 - 001693140 _____ C:\Windows\system32\PerfStringBackup.INI
2024-05-18 00:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-18 00:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-05-18 00:35 - 2022-10-14 23:50 - 000000000 ____D C:\Users\daldo\AppData\Local\LGHUB
2024-05-18 00:33 - 2020-12-13 23:04 - 000000000 ____D C:\ProgramData\Avast Software
2024-05-18 00:30 - 2020-12-23 21:57 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-05-18 00:30 - 2020-12-14 12:50 - 000000000 ____D C:\Users\daldo
2024-05-18 00:30 - 2020-12-13 22:31 - 000000000 ____D C:\Program Files (x86)\Steam
2024-05-17 22:53 - 2021-01-05 10:38 - 000000000 ____D C:\Users\daldo\AppData\Roaming\Microsoft\Excel
2024-05-17 22:52 - 2023-05-26 12:54 - 000070979 _____ C:\Users\daldo\Desktop\MS v hokeji 2024 DOMA_all.xlsm
2024-05-17 22:43 - 2020-12-14 12:59 - 000000000 ____D C:\Users\daldo\AppData\Local\D3DSCache
2024-05-17 22:34 - 2020-12-13 23:05 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-05-17 22:34 - 2020-09-19 07:06 - 000003398 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000003196 _____ C:\Windows\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000003152 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002984 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002948 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002914 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 07:06 - 000002744 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-05-17 22:34 - 2020-09-19 06:56 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-17 22:34 - 2020-09-19 06:56 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-17 20:23 - 2020-12-14 16:55 - 000000000 ____D C:\Users\daldo\AppData\Roaming\paradox-launcher-v2
2024-05-17 20:22 - 2020-12-13 22:33 - 000000000 ____D C:\Users\daldo\AppData\Local\Steam
2024-05-17 18:14 - 2022-11-13 15:17 - 000000000 ____D C:\Program Files\RUXIM
2024-05-17 17:15 - 2020-09-19 07:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-05-17 16:57 - 2021-12-20 08:55 - 000000000 ____D C:\Windows\SystemTemp
2024-05-17 16:57 - 2020-12-14 15:10 - 000000000 ____D C:\Windows\system32\MRT
2024-05-17 16:57 - 2020-12-14 13:05 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-17 11:25 - 2020-12-14 15:10 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-16 19:55 - 2023-01-17 12:03 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-05-16 19:55 - 2020-09-19 06:56 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-15 17:56 - 2020-12-14 12:43 - 000000000 ____D C:\ProgramData\Packages
2024-05-10 17:17 - 2020-09-19 06:58 - 000000000 ____D C:\Program Files\Microsoft Office
2024-05-10 13:15 - 2020-12-14 12:59 - 000000000 ____D C:\Users\daldo\AppData\Local\Packages
2024-05-10 12:06 - 2020-12-19 12:07 - 000000000 ____D C:\Users\daldo\Desktop\Dalda
2024-05-08 17:47 - 2020-12-14 23:12 - 000000000 ____D C:\Users\daldo\Desktop\HRY
2024-05-05 10:48 - 2021-01-04 18:03 - 000000000 ____D C:\Users\daldo\AppData\Roaming\Microsoft\Word
2024-05-04 15:51 - 2020-12-14 08:48 - 000000000 ____D C:\Users\daldo\AppData\Local\CrashDumps
2024-04-26 15:05 - 2022-12-30 12:34 - 000022954 _____ C:\Users\daldo\AppData\Local\kritarc
2024-04-26 15:05 - 2022-12-30 12:34 - 000000000 ____D C:\Users\daldo\AppData\Roaming\krita
2024-04-26 15:05 - 2020-12-13 23:13 - 000000000 ____D C:\Users\daldo\Desktop\Sofinka
2024-04-20 16:30 - 2022-12-25 13:49 - 000000000 ____D C:\Users\daldo\Desktop\Sofinka_obrazky

==================== Files in the root of some directories ========

2022-12-30 12:34 - 2024-04-26 14:54 - 000007626 _____ () C:\Users\daldo\AppData\Local\krita-sysinfo.log
2022-12-30 12:34 - 2024-04-26 15:05 - 000058016 _____ () C:\Users\daldo\AppData\Local\krita.log
2022-12-30 12:44 - 2024-04-26 09:27 - 000109734 _____ () C:\Users\daldo\AppData\Local\kritacrash.log
2024-04-26 15:05 - 2024-04-26 15:05 - 000000039 _____ () C:\Users\daldo\AppData\Local\kritadisplayrc
2022-12-30 12:34 - 2024-04-26 15:05 - 000022954 _____ () C:\Users\daldo\AppData\Local\kritarc
2023-06-21 13:11 - 2023-06-21 13:11 - 000000880 _____ () C:\Users\daldo\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by daldo (18-05-2024 08:52:04)
Running from C:\Users\daldo\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2020-12-14 10:39:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-54108041-3537599779-3304371934-500 - Administrator - Disabled)
daldo (S-1-5-21-54108041-3537599779-3304371934-1001 - Administrator - Enabled) => C:\Users\daldo
DefaultAccount (S-1-5-21-54108041-3537599779-3304371934-503 - Limited - Disabled)
Guest (S-1-5-21-54108041-3537599779-3304371934-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-54108041-3537599779-3304371934-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
7-Zip 22.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2200-000001000000}) (Version: 22.00.00.0 - Igor Pavlov)
Avast AntiTrack Premium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 3.4.1477.2066 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 23.4.4881.16862 - Avast Software)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.3.6108 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1206.2 - AVAST Software) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.3.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.3.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
DidaktaCZ 1.0.0 (HKLM-x32\...\7e81f6ca-38af-5207-b03c-2ecbe5f1ce8e) (Version: 1.0.0 - SILCOM Multimedia, s.r.o.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
GIMP 2.10.32-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.32 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 125.0.6422.60 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Krita (x64) 5.1.4 (HKLM\...\Krita_x64) (Version: 5.1.4.100 - Krita Foundation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
Links version 1.0 (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\Links_is1) (Version: 1.0 - Links)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2024.3.553733 - Logitech)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.17531.20140 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 124.0.2478.105 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 124.0.2478.97 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Navigation Updater (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\{b6200a51-fb7c-4add-ab9c-9c4c6ea070fe}) (Version: 2.2.2.0 - HYUNDAI MOTOR GROUP)
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 472.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 472.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Observation v.1.17 (HKLM-x32\...\Observation_is1) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17425.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17531.20140 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.97.47554 - Electronic Arts, Inc.)
Paradox Launcher v2 (HKLM\...\{992827AC-2312-4B8A-BF33-C5DD19C61CEF}) (Version: 2.4.0 - Paradox Interactive)
Pentablet (HKLM\...\{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 3.3.10.220926 - XPPen Technology)
REDlauncher (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - GOG.com)
Seznam Software (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
The Sims 4 v.1.59.73.1020 (HKLM-x32\...\The Sims 4_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Web Companion (HKLM-x32\...\{fe5cd11c-74c5-4aab-bbfd-8ca90c9982dc}) (Version: 8.9.0.371 - Lavasoft) <==== ATTENTION
Zoom (HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\ZoomUMX) (Version: 5.10.0 (4306) - Zoom Video Communications, Inc.)

Packages:
=========

AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.40016.0_x64__0a9344xs7nr4m [2020-09-19] (Advanced Micro Devices Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-09-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-12-20] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_153.1.1137.0_x64__v10z8vjag6ke6 [2024-05-10] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-03-31] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-04] (LENOVO INC) [Startup Task]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-29] (Microsoft Corporation)
Microsoft Teams (work or school) -> C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe [2023-12-13] (Microsoft) [Startup Task]
Minecraft Education -> C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1305.0_x64__8wekyb3d8bbwe [2024-03-19] (Microsoft Studios)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-04-25] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.12.219.0_x64__dt26b99r8h8gj [2020-09-19] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.624.521.0_x64__55nm5eh3cm0pr [2024-05-11] (Roblox Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2023-08-24] (Microsoft Corporation)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0 [2024-05-08] (Spotify AB) [Startup Task]
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.92.0_x64__8wekyb3d8bbwe [2024-04-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-54108041-3537599779-3304371934-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\daldo\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\Microsoft.Nucleus.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-54108041-3537599779-3304371934-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\daldo\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\Microsoft.Nucleus.exe (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Windows\System32\atiacm64.dll [2021-07-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvltig.inf_amd64_64ea833c46d6bad8\nvshext.dll [2023-09-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-06-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-04-02] (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-23 21:57 - 2020-03-04 17:08 - 000123904 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJPLM\CNMPU.DLL
2020-12-23 22:31 - 2017-07-05 14:43 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2020-12-23 22:31 - 2017-07-05 14:49 - 000593920 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2023-09-11 21:46 - 2023-09-11 21:46 - 000180224 _____ (Software Security System) [File not signed] C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\Ekc3220.dll
2021-02-28 09:32 - 2021-02-28 09:31 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-02-28 09:32 - 2021-02-28 09:31 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 001224704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\LIBEAY32.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Pentablet\SSLEAY32.dll
2021-02-28 09:32 - 2021-02-28 09:31 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-04-29 14:27 - 2021-02-28 09:31 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2022-12-25 10:55 - 2022-04-26 16:20 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\Pentablet\imageformats\qdds.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qgif.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qicns.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000027648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qico.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000243712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qjpeg.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qsvg.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtga.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qtiff.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000019968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwbmp.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000415232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\imageformats\qwebp.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 001064960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\platforms\qwindows.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 004814336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Core.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 004965376 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Gui.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000930304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Network.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000264704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Svg.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 004464640 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Widgets.dll
2022-12-25 10:55 - 2022-09-13 11:55 - 000149504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Pentablet\Qt5Xml.dll
2022-12-25 10:55 - 2022-04-26 16:20 - 000146944 _____ (TODO: <公司名>) [File not signed] C:\Windows\system32\wintab32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-54108041-3537599779-3304371934-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-05-10] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\sharepoint.com -> hxxps://vixsd-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2021-08-28 18:11 - 000000866 _____ C:\Windows\system32\drivers\etc\hosts
176.31.104.226 cod2master.activision.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-54108041-3537599779-3304371934-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-54108041-3537599779-3304371934-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{94E15789-D4A0-454E-934A-6163A915C80C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3D48E107-9709-4BE7-BA58-16180165AAD0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2DE083C2-1E45-45DA-8FA0-0E0F9DBB57CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D43B109-8DB2-45E6-8682-D28779602E9C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3F7E154D-69B0-421E-B473-7E726007EE1E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7ED35879-6F82-4F65-B609-241142DFBA15}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BEB5105A-5832-482A-ACC1-13E376ED6C80}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{77E3DD08-B692-4B05-8847-27824849F7A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{C6FF07D6-A1BD-43C4-92BA-853A8511F2C2}] => (Allow) C:\Users\daldo\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{1EB8C839-3A05-4328-B378-CAE3C0CE10CF}] => (Allow) C:\Users\daldo\AppData\Roaming\uTorrent Web\utweb.exe => No File
FirewallRules: [{D629F786-0AB0-4C06-9BB8-057BBB88A001}] => (Allow) C:\Users\daldo\AppData\Local\Programs\Opera\73.0.3856.257\opera.exe => No File
FirewallRules: [{04DE552D-4670-43E7-BB08-CC9957186A37}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{DABD5391-1902-4859-B603-FCD8737BA669}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D145041B-D62A-485B-A9B6-D7D2546FAD4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{1188E255-8018-47FE-BCB5-E58B439EB79B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Zoo\PlanetZoo.exe (Frontier Developments) [File not signed]
FirewallRules: [{1C71A1F7-F1A8-4871-9A7B-D331C969EE10}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{48797C86-EE5F-44D7-A30A-368E1F9CB8D6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9F10076B-9382-4F13-86AC-50504616E49A}C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe => No File
FirewallRules: [UDP Query User{7B988FBB-9985-461A-A188-E05D1A7C9397}C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe => No File
FirewallRules: [TCP Query User{9A46863B-1C74-48CE-A388-0158C5831245}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{154B7359-A681-492E-9359-0F3E7BA29552}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Block) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{0B461E1D-F001-4835-BE9B-A4AD331F3597}C:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe => No File
FirewallRules: [UDP Query User{ACD203C7-F2B9-4B07-90A0-518B3533FFA9}C:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\battlefield v\bfv.exe => No File
FirewallRules: [TCP Query User{27F4D974-91A7-414B-8BA4-0D1206EB7D32}C:\users\daldo\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\daldo\appdata\local\enlisted\launcher.exe => No File
FirewallRules: [UDP Query User{9A4D7610-9E12-4B6F-B277-4915AF4E5196}C:\users\daldo\appdata\local\enlisted\launcher.exe] => (Allow) C:\users\daldo\appdata\local\enlisted\launcher.exe => No File
FirewallRules: [TCP Query User{12200253-513E-4CA0-BDB3-CAAD49AC5D22}C:\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\games\anno 1800\bin\win64\anno1800.exe => No File
FirewallRules: [UDP Query User{ADAD612A-5209-4774-9721-AEC9C36C75EB}C:\games\anno 1800\bin\win64\anno1800.exe] => (Allow) C:\games\anno 1800\bin\win64\anno1800.exe => No File
FirewallRules: [TCP Query User{0F25EA69-44C9-439D-8EA6-8E11C7472FF2}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{FE3686E6-F584-4691-93CF-6A2AF187DF9C}C:\games\the sims 4\game\bin\ts4_x64.exe] => (Allow) C:\games\the sims 4\game\bin\ts4_x64.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [TCP Query User{6C847499-1300-4AD7-8FAA-BBB351638526}C:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\call of duty 2\cod2mp_s.exe => No File
FirewallRules: [UDP Query User{37721A85-06A9-474B-AE9F-6702CBC39A43}C:\program files (x86)\call of duty 2\cod2mp_s.exe] => (Allow) C:\program files (x86)\call of duty 2\cod2mp_s.exe => No File
FirewallRules: [TCP Query User{E6CBB938-A094-4A29-8C1A-C45E0127B9D1}C:\games\medal of honor russian version\mohaa.exe] => (Allow) C:\games\medal of honor russian version\mohaa.exe => No File
FirewallRules: [UDP Query User{B49593FC-D1D2-4F8F-B1F7-A88B65C5F2D6}C:\games\medal of honor russian version\mohaa.exe] => (Allow) C:\games\medal of honor russian version\mohaa.exe => No File
FirewallRules: [TCP Query User{45C3E00F-C521-49A4-816B-77C093472B96}C:\games\anno 1800\bin\win64\anno1800.exe] => (Block) C:\games\anno 1800\bin\win64\anno1800.exe => No File
FirewallRules: [UDP Query User{05042700-3302-4DD4-818D-DD1DAD7DD78B}C:\games\anno 1800\bin\win64\anno1800.exe] => (Block) C:\games\anno 1800\bin\win64\anno1800.exe => No File
FirewallRules: [TCP Query User{F93C5428-5467-42FC-A017-ACC24CBCA6BB}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe => No File
FirewallRules: [UDP Query User{1D994FA0-6DD7-4428-A3CE-EBAA38711F1F}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe => No File
FirewallRules: [TCP Query User{5D9024B9-AB7D-44C5-8C80-59D0F154AD4A}C:\users\daldo\onedrive\desktop\dalda\hry\quake 3 arena\quake3.exe] => (Allow) C:\users\daldo\onedrive\desktop\dalda\hry\quake 3 arena\quake3.exe () [File not signed]
FirewallRules: [UDP Query User{713D598D-6712-42FC-A54D-2EEC88A6034F}C:\users\daldo\onedrive\desktop\dalda\hry\quake 3 arena\quake3.exe] => (Allow) C:\users\daldo\onedrive\desktop\dalda\hry\quake 3 arena\quake3.exe () [File not signed]
FirewallRules: [{86D45FD6-A750-4066-B4EE-F4FBF26B7B00}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{6420E002-CACA-4DB6-862E-76FEBADAF721}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [TCP Query User{45CD0907-C0C5-4DDD-85BA-0213F35145A1}C:\games\age of empires iv\reliccardinal.exe] => (Allow) C:\games\age of empires iv\reliccardinal.exe => No File
FirewallRules: [UDP Query User{00923CF1-7405-42FC-9C03-69B5932272D9}C:\games\age of empires iv\reliccardinal.exe] => (Allow) C:\games\age of empires iv\reliccardinal.exe => No File
FirewallRules: [{C6D3D1D2-5FDE-4DC1-9C10-1DF375CBDC7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7C3372CB-F78D-4F47-876A-956890566640}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B2933FBD-9C1E-478A-8A6E-44A92AAFF82B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B76AAFDD-641D-4FD5-9F88-DCA168EFDE4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EE3F5F9F-76F7-46B1-843B-F593266E913F}] => (Allow) C:\Users\daldo\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3F93D942-E643-4AFE-8345-235D5A72A0A0}] => (Allow) C:\Users\daldo\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{461BA2B6-20B8-4DC1-873A-B0FF4FCFAB5A}] => (Allow) C:\Users\daldo\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [TCP Query User{6C55B52F-4567-48E6-AF58-6702E6F93543}C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe => No File
FirewallRules: [UDP Query User{435658B1-F29D-48A5-8013-289E0B905638}C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kards\kards\binaries\win64\kards-win64-shipping.exe => No File
FirewallRules: [{893C5620-3B89-4B6A-98C6-14BB8DB0445D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{8AE3CF5E-3656-4971-B274-6A50CC62B0B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crusader Kings III\launcher\dowser.exe => No File
FirewallRules: [{268F7512-2EA9-4EF6-AEEE-786B39057E86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{EC8A66CD-4EC6-4631-B8C8-2B5FD2A2C48F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe => No File
FirewallRules: [{443809A6-2042-417E-B1DF-AA06CBB0C1D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [{0DE6F76E-1235-41DF-9667-3C4B3FA45348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe => No File
FirewallRules: [TCP Query User{56064F6D-C8AA-4C43-A210-4F680F2BB954}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe => No File
FirewallRules: [UDP Query User{0F49BDB8-B9EE-4D84-97E8-924A941DBAF1}C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe => No File
FirewallRules: [{05710458-4102-4EF4-A73F-947E4E0959C4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33D4E8C2-D3BB-4552-AC5D-9D36330DDD74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{32D52497-69FD-41DF-98B3-A7D4FE00DAEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spore\SporeBin\SporeApp.exe (Maxis, a division of Electronic Arts Inc.) [File not signed]
FirewallRules: [{0DA376FB-9383-453B-ABE3-484D749372D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe () [File not signed]
FirewallRules: [{65720530-3600-490B-B395-27D5BC0BDB01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe () [File not signed]
FirewallRules: [{BB715049-F234-406C-B5A9-85ECCCD57B2D}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{35C05AFE-2A6B-4A59-8E17-3516DF234EB9}] => (Allow) C:\Program Files (x86)\Avast Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe (Avast Software s.r.o. -> The CefSharp Authors)
FirewallRules: [{F9B078A3-7CD2-460C-AFB8-0005A99EB728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machinarium\Machinarium.exe (Amanita Design) [File not signed]
FirewallRules: [{919BBAF9-9803-4893-9ABC-0545F26B2459}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Machinarium\Machinarium.exe (Amanita Design) [File not signed]
FirewallRules: [{B2C5BB85-013B-47FA-9E03-67C8EF5356C5}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9EFD27AF-2E6D-464F-87A3-79266731F191}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{24893ABF-EAD3-4E1C-84B9-DF39A7E9E04F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E4D708F7-F630-432E-9FBC-49CCFDD8D481}] => (Allow) C:\Program Files\WindowsApps\MSTeams_23306.3315.2560.6525_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BCDC2ED-FDAE-435E-B6F5-79CE027D7474}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{5A8D0ED2-11FE-4C6A-82D0-F1BD892F24DC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SovietRepublic\SETUPAPPLICATION SOVIET.exe (3DIVISION) [File not signed]
FirewallRules: [{89B5E15D-4D2B-4C09-84AE-BF9AC9D10C03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmyOfRuin\ArmyOfRuin.exe () [File not signed]
FirewallRules: [{20472698-4728-4DF9-9F47-6368CBB46DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ArmyOfRuin\ArmyOfRuin.exe () [File not signed]
FirewallRules: [{86CB8DA8-03BF-455D-93D9-293CF65F9CFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1305.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{049E0AE5-42E1-430D-91FF-7319BA7D36F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.MinecraftEducationEdition_1.20.1305.0_x64__8wekyb3d8bbwe\Minecraft.Windows.exe (Microsoft Corporation -> )
FirewallRules: [{67CC4258-26F3-4104-8C0E-F9DAC31FC8F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69971483-3D2E-42AF-BA3B-129103E3D12E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04881067-EBB5-496A-AAA1-A6993DFD016E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F8099A91-47F4-4C01-96F9-BE240F50BDD7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5CEB8359-B06D-4A23-BE4C-E189374E9070}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{33A4367D-C8F1-4F2B-8DAD-9C1A7349FFE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{07F584E7-56D8-4345-BA3D-66D9F83B448F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4081A432-5546-445F-A68C-8540D75CA010}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FB3A2C7A-12F6-48C0-85B1-91CD4E85EB54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{779F9AF5-D93F-4791-8DF2-4E78E44E6AC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{40712215-2F3D-4884-89E4-D61DBC7821A5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1422400-34D9-435D-98DF-92ED01AA16F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.237.701.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{87CED7F2-2AB2-4571-9061-AF8DA98B6134}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => No File
FirewallRules: [UDP Query User{10BE5A81-0679-4488-A005-A6CD01119F5F}C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\medieval dynasty\medieval_dynasty\binaries\win64\medieval_dynasty-win64-shipping.exe => No File
FirewallRules: [{05985A37-AA1A-4650-970E-CF92896EC1E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6F736555-861C-43B0-A90F-A4676818AF19}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0303FC58-3284-4A01-9F1B-BAB7B961F1CF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2643FDBA-951B-4FC7-8636-D1E48D35991E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E79CB818-0EF4-483B-9AF7-223B3101E1DC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.97\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D7DCA455-DB00-4995-B19D-7F465202FAE6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

17-05-2024 18:14:51 Instalační služba modulů systému Windows
17-05-2024 18:16:44 Instalační služba modulů systému Windows
17-05-2024 18:37:19 Instalační služba modulů systému Windows
18-05-2024 07:57:16 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/18/2024 08:46:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WebCompanion.exe, verze: 8.9.0.992, časové razítko: 0x65607ba5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.19041.4291, časové razítko: 0x9a786c8a
Kód výjimky: 0xe0434f4d
Posun chyby: 0x0013fae2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xWebCompanion.exe0
Cesta k chybující aplikaci: WebCompanion.exe1
Cesta k chybujícímu modulu: WebCompanion.exe2
ID zprávy: WebCompanion.exe3
Úplný název chybujícího balíčku: WebCompanion.exe4
ID aplikace související s chybujícím balíčkem: WebCompanion.exe5

Error: (05/18/2024 08:45:22 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\KALOUSEK-NTB$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sat, 18 May 2024 06:45:21 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 6295d562-912b-4e4e-80ce-471dd8659894

Metoda: GET(500ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/18/2024 12:35:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WebCompanion.exe, verze: 8.9.0.992, časové razítko: 0x65607ba5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.19041.4291, časové razítko: 0x9a786c8a
Kód výjimky: 0xe0434f4d
Posun chyby: 0x0013fae2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xWebCompanion.exe0
Cesta k chybující aplikaci: WebCompanion.exe1
Cesta k chybujícímu modulu: WebCompanion.exe2
ID zprávy: WebCompanion.exe3
Úplný název chybujícího balíčku: WebCompanion.exe4
ID aplikace související s chybujícím balíčkem: WebCompanion.exe5

Error: (05/18/2024 12:34:07 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\KALOUSEK-NTB$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 17 May 2024 22:34:07 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: e0ce10d5-d65e-42bc-a192-bef935146f29

Metoda: GET(563ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/17/2024 06:38:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WebCompanion.exe, verze: 8.9.0.992, časové razítko: 0x65607ba5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.2.19041.4291, časové razítko: 0x9a786c8a
Kód výjimky: 0xe0434f4d
Posun chyby: 0x0013fae2
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xWebCompanion.exe0
Cesta k chybující aplikaci: WebCompanion.exe1
Cesta k chybujícímu modulu: WebCompanion.exe2
ID zprávy: WebCompanion.exe3
Úplný název chybujícího balíčku: WebCompanion.exe4
ID aplikace související s chybujícím balíčkem: WebCompanion.exe5

Error: (05/17/2024 06:32:33 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\KALOUSEK-NTB$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 17 May 2024 16:32:33 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3b72cab9-825f-4469-9582-dae16e37fa68

Metoda: GET(375ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (05/14/2024 06:21:36 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: KALOUSEK-NTB)
Description: Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy-2147023878

Error: (05/04/2024 03:51:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.3636, časové razítko: 0xe9186526
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.4239, časové razítko: 0xad5435e9
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff349
ID chybujícího procesu: 0x47dc
Čas spuštění chybující aplikace: 0x01da9b0ed749405c
Cesta k chybující aplikaci: C:\Windows\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 0feb1a59-83e5-4330-b27b-0ce0439a9e31
Úplný název chybujícího balíčku: E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (05/18/2024 08:47:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2024 08:47:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (05/18/2024 08:46:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0845): 2024-05 Kumulativní aktualizace pro Windows 10 Version 22H2 pro systémy typu x64 (KB5037768).

Error: (05/18/2024 08:42:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DriverUpdSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2024 08:42:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastAntiTrackSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2024 08:42:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ClickToRunSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2024 08:42:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba GoogleUpdaterInternalService126.0.6462.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/18/2024 08:42:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba GoogleUpdaterService126.0.6462.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.


Windows Defender:
================
Date: 2021-11-23 20:47:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6BED8BA4-6E10-4A9E-BF6B-D13BF624F62D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-04 10:11:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {45B7B1BE-90BF-4020-8DAA-21F753EFE38B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-03 09:57:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A1AB36C-D2BD-4768-B406-44373437532A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-02 10:22:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {62F829D7-7360-4770-AB04-35D84449E064}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-01 09:30:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5B041852-551E-4BD2-9256-327C93784061}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2024-05-18 08:47:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-05-18 08:46:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO FCCN15WW 12/23/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 5 4600H with Radeon Graphics
Percentage of memory in use: 41%
Total physical RAM: 15741.32 MB
Available physical RAM: 9262.14 MB
Total Virtual: 21629.32 MB
Available Virtual: 12538.42 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:475.69 GB) (Free:102.22 GB) (Model: SKHynix_HFM512GDHTNI-87A0B) NTFS

\\?\Volume{18bf5320-b8f5-44fd-ae5d-b43296aa61a6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.39 GB) NTFS
\\?\Volume{a3e741d8-c9eb-41b2-9050-d95cab8572d3}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: AFF98664)

Partition: GPT.

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15233
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Blue Screen of Death - log check

#2 Post by JaRon »

Hi,
there are a few small critters in there :)
Clean the PC with AdwCleaner and MBAM - post the logs here
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

daldous
Visitor
Posts: 56
Joined: 12 Nov 2006 09:56

Re: Blue Screen of Death - log check

#3 Post by daldous »

Here are the logs. So far I have only run the scan; I have not deleted or cleaned anything.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-18-2024
# Duration: 00:00:04
# OS: Windows 10 (Build 19045.4291)
# Scanned: 32107
# Detected: 34


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\daldo\AppData\Roaming\Seznam.cz
PUP.Optional.WebCompanion C:\Program Files (x86)\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
PUP.Optional.WebCompanion C:\Users\daldo\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
PUP.Optional.WebCompanion C:\Users\daldo\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe5cd11c-74c5-4aab-bbfd-8ca90c9982dc}|DisplayIcon
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe5cd11c-74c5-4aab-bbfd-8ca90c9982dc}|DisplayName
PUP.Adware.Heuristic HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{fe5cd11c-74c5-4aab-bbfd-8ca90c9982dc}|UninstallString
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Seznam.cz Seznam Doplněk – Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\daldo\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 5/18/2024
Scan Time: 9:14 AM
Log File: 45334a4c-14e6-11ef-a18a-803049a697c2.json

-Software Information-
Version: 5.1.4.112
Components Version: 1.0.1233
Update Package Version: 1.0.84819
License: Trial

-System Information-
OS: Windows 10 (Build 19045.4291)
CPU: x64
File System: NTFS
User: Kalousek-NTB\daldo

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 247595
Threats Detected: 16
Threats Quarantined: 0
Time Elapsed: 2 min, 3 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Microsoft\Windows\NetFramework\Microsoft .NET Framework, No Action By User, 478, 1221292, 1.0.84819, , ame, , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CDFBECFD-AEBE-4A2E-91BE-1A44C0C61100}, No Action By User, 478, 1221292, 1.0.84819, , ame, , ,
Trojan.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\LOGON\{CDFBECFD-AEBE-4A2E-91BE-1A44C0C61100}, No Action By User, 478, 1221292, 1.0.84819, , ame, , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 13
Trojan.BitCoinMiner, C:\WINDOWS\SYSTEM32\TASKS\Microsoft\Windows\NetFramework\Microsoft .NET Framework, No Action By User, 478, 1221292, 1.0.84819, , ame, , 8622F817F0B5A1719ED7C751F3D796BC, 6B8541A53A3A8CE330D1B232D8DD8FD31EDD1DD5D8B0855152FAE969C5AE0436
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WORLD OF TANKS.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 85E05EA192E89B522FB85889D4476F8B, 18CEEE32B23731ED4036933A1E20E9975CED11687D64DBB1CBDA39C4152E9107
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\CROSSOUT.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , D8B30D35E7EC0A171402408E72A4AD2E, 30B8452FEC8DD50F2570FBC26F49BB5CA6463C37259EAD2AAFC972182335EE77
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\BLOOD AND SOUL.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 15F41FBA0073846C35619D6A80DB3CE3, DE9DF316E85D667F51C2E08555854AFAD188A2A38C99716ED0E54FF6BA47F0D0
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WORLD OF WARSHIPS.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , CC74F9C16D6D816179ED3838AF0EBECF, 425D25E061CBAB5624D2258A9F1D366F7BEFEA10AAC81E7940174323F8535F79
PUP.Optional.BundleInstaller.DDS, C:\USERS\DALDO\APPDATA\ROAMING\UTORRENT\UPDATES\3.6.0_46590.EXE, No Action By User, 1000002, 0, 1.0.84819, B980C6209754A622661C1298, dds, 02828469, 4B4149C544EA79ACCC7CB55015FCC0FA, 761BE1C00F156CAA8D04DB5BD0E2F7B3F12FD0B4B9F29BD4E0AF13125F2E4646
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\RAIL NATION.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , B93D2470FF99E64C5EF360B486362A56, BB61369E6454ADC244A1EC088DAD21241DA13DF14A799731C27E4A11C2C34E15
PUP.Optional.BundleInstaller.DDS, C:\USERS\DALDO\APPDATA\ROAMING\UTORRENT\UPDATES\UTORRENT.EXE, No Action By User, 1000002, 0, 1.0.84819, B980C6209754A622661C1298, dds, 02828469, 06F659E92A757AEC084403EC483E3D55, 98053C48D68FDCBFCE8905C70305F2AD69CC2775691106D321A52E09BC64F983
Trojan.WMIHijacker, C:\USERS\DALDO\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\WAR THUNDER.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 495F4AF7712218970A8338C1EDCBC1E3, E72D469A03081E6472EFD577F84BE54838669E998DA3AD30FA8979EC979165ED
Trojan.WMIHijacker, C:\USERS\DALDO\DESKTOP\HRY\WORLD OF TANKS.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 24C9BD56543E9D19396DD24D301C9490, A57436F3277007BC3CA939AB38418469758A47AB68FE35BDA7783E1F06AB8A2C
Trojan.WMIHijacker, C:\USERS\DALDO\DESKTOP\HRY\WAR THUNDER.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , CBCBC299B9F72265D5400FAF41AC2975, AD75401A349C589577A2E03F63A159DCF46FDC9F84BBF2635B519B71390586DE
Trojan.WMIHijacker, C:\USERS\DALDO\DESKTOP\HRY\CROSSOUT.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 8E2A63377DF53695CA66F9DE216901C4, F0C28DB0C5C12F8A70373107B66E508B8D6268433870F33FB5D037311C79054D
Trojan.WMIHijacker, C:\USERS\DALDO\DESKTOP\HRY\WORLD OF WARSHIPS.LNK, No Action By User, 6322, 514947, 1.0.84819, , ame, , 667CCC1D5195FB14ED7956F4E924433A, 05062051752A1F6180F44D71DE093970BB0DCE7435B7A0EA7FF3355987B8075D

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

JaRon
Moderator
Posts: 15233
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Blue Screen of Death - log check

#4 Post by JaRon »

Let MBAM delete everything it found - restart -
rescan with AdwCleaner and delete everything except the Preinstalled items

daldous
Visitor
Posts: 56
Joined: 12 Nov 2006 09:56

Re: Blue Screen of Death - log check

#5 Post by daldous »

OK... done... should I send a log for another check?

JaRon
Moderator
Posts: 15233
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Blue Screen of Death - log check

#6 Post by JaRon »

No need; keep an eye on it for now, and if anything looks suspicious, send the FRST logs

daldous
Visitor
Posts: 56
Joined: 12 Nov 2006 09:56

Re: Blue Screen of Death - log check

#7 Post by daldous »

Thanks a lot... have a nice weekend.

JaRon
Moderator
Posts: 15233
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Blue Screen of Death - log check

#8 Post by JaRon »

You too :thumbsup:
