Hi, sorry for the late reply, I was in for surgery.
Thank you for the contribution toward running the infrastructure.
You're welcome, I think you deserve it!
What were you doing yesterday before 21:00 (10 minutes before installing Avast)?
I'm sorry, but I don't remember that.
By all appearances these should be files of a Chinese backup program for Alibaba Cloud... I expect output similar to what is here, so I'm also interested in your answer, and we'll proceed accordingly.
If I understand the information from the log correctly, yesterday after 21:00 you installed Avast and today before 9 a.m. Norton 360. I still don't understand the unali-xxxxxx folders...
I was starting to get the impression that the computer would be clean. Avast didn't suit me, so I decided to try Norton; it is better as far as being annoying goes, but I'm going to try McAfee family as well, or possibly ESET.
Fixlist log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Parek (08-01-2025 18:03:30) Run:4
Running from C:\tmp\frst
Loaded Profiles: Parek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
Folder: C:\temp
Folder: C:\Users\Parek\AppData\Local\Notepad
Folder: C:\Users\Parek\AppData\Local\unali-121296
Folder: C:\Users\Parek\AppData\Local\unali-121625
Folder: C:\Intel
Folder: C:\ProgramData\boost_interprocess
End
*****************
========================= Folder: C:\temp ========================
====== End of Folder: ======
========================= Folder: C:\Users\Parek\AppData\Local\Notepad ========================
2025-01-05 00:32 - 2025-01-05 00:32 - 000000000 ___AH [D41D8CD98F00B204E9800998ECF8427E] (Access Denied) C:\Users\Parek\AppData\Local\Notepad\probe.autosave
====== End of Folder: ======
========================= Folder: C:\Users\Parek\AppData\Local\unali-121296 ========================
2025-01-05 20:53 - 2024-11-21 21:14 - 000001518 ____A [BC1E8DCCED64BEEC82B186C0CB569F98] () C:\Users\Parek\AppData\Local\unali-121296\AliyunConfig.ini
2025-01-05 20:53 - 2022-08-16 13:11 - 000509064 ____A [DD1D78806A7E22B4C22BBF1D2C542EB0] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121296\AliyunWrap.dll
2025-01-05 20:53 - 2022-08-16 13:12 - 000120456 ____A [1CC76517B0F06220F098EEC5924B803B] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121296\AliyunWrapExe.exe
2025-01-05 20:53 - 2025-01-05 20:53 - 000000088 ____A [7F411750D07619F38537E7FD612B8B44] () C:\Users\Parek\AppData\Local\unali-121296\DataFile.ini
2025-01-05 20:53 - 2022-08-16 13:12 - 000067208 ____A [252D9F875B00F98881CDD87C30FF44F6] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121296\InfoForSetup.exe
====== End of Folder: ======
========================= Folder: C:\Users\Parek\AppData\Local\unali-121625 ========================
2025-01-05 20:53 - 2024-11-21 21:14 - 000001518 ____A [BC1E8DCCED64BEEC82B186C0CB569F98] () C:\Users\Parek\AppData\Local\unali-121625\AliyunConfig.ini
2025-01-05 20:53 - 2022-08-16 13:11 - 000509064 ____A [DD1D78806A7E22B4C22BBF1D2C542EB0] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121625\AliyunWrap.dll
2025-01-05 20:53 - 2022-08-16 13:12 - 000120456 ____A [1CC76517B0F06220F098EEC5924B803B] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121625\AliyunWrapExe.exe
2025-01-05 20:53 - 2025-01-05 20:53 - 000000088 ____A [7F411750D07619F38537E7FD612B8B44] () C:\Users\Parek\AppData\Local\unali-121625\DataFile.ini
2025-01-05 20:53 - 2022-08-16 13:12 - 000067208 ____A [252D9F875B00F98881CDD87C30FF44F6] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed] C:\Users\Parek\AppData\Local\unali-121625\InfoForSetup.exe
====== End of Folder: ======
========================= Folder: C:\Intel ========================
2025-01-06 11:21 - 2025-01-06 11:21 - 000000000 __SHD [00000000000000000000000000000000] () C:\Intel\GfxCPLBatchFiles
====== End of Folder: ======
========================= Folder: C:\ProgramData\boost_interprocess ========================
2024-12-29 13:58 - 2024-12-29 13:58 - 000000000 ____D [00000000000000000000000000000000] () C:\ProgramData\boost_interprocess\A1000000_26070000
2024-12-29 13:58 - 2024-12-29 13:58 - 000000012 ___AT [E4A1661C2C886EBB688DEC494532431C] () C:\ProgramData\boost_interprocess\A1000000_26070000\pdfarchitect_update_cache_mutex
====== End of Folder: ======
==== End of Fixlog 18:03:31 ====
FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-01-2025
Ran by Parek (administrator) on PAREK-X360 (HP HP Spectre x360 Convertible 15-eb0xxx) (08-01-2025 18:04:29)
Running from C:\tmp\frst\FRST64.exe
Loaded Profiles: Parek
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) Language: English (United States)
Default browser: "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe ->) (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(C:\Program Files\Norton\Suite\NortonSvc.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswEngSrv.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Browser\Application\AvastBrowser.exe <34>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe
(NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonUI.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Broadcom Inc -> ) C:\Windows\System32\bcmUshUpgradeService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostControlService.exe
(services.exe ->) (Broadcom Inc -> Broadcom Corporation) C:\Windows\System32\bcmHostStorageService.exe
(services.exe ->) (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8b0d2fc8e70edd8\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e8b0d2fc8e70edd8\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9bda45a3425e7880\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\ThunderboltService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_bff7913eb62bbf90\aesm_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\afwServ.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\AvDump.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\nllToolsSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\VpnSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\aswidsagent.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\wsc_proxy.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_69784b7a3902e1a0\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe <3>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\IAS\IntelAudioService.exe
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (VMware Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSysSvc64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2411.1.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesSvc64.exe [5332192 2023-10-11] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_04ff63d068f8c626\RtkAudUService64.exe [1961360 2023-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3952720 2022-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [NortonUI.exe] => C:\Program Files\Norton\Suite\AvLaunch.exe [429160 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [369488 2024-10-12] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [114112 2024-04-30] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5006880 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\Run: [MicrosoftEdgeAutoLaunch_D7E5E7C0A9696275910388A174E5F120] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911240 2024-12-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2025-01-02] (Epic Games Inc. -> Epic Games, Inc.)
HKLM\...\Windows x64\Print Processors\CnXP0PP: C:\Windows\System32\spool\prtprocs\x64\CnXP0PP.DLL [1829376 2024-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1879552 2024-06-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [196096 2024-11-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2025-01-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files\AVAST Software\Browser\Application\131.0.27760.140\Installer\chrmstp.exe [2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Startup: C:\Users\Parek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2025-01-06]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {7D108C1A-E51E-4A67-B337-339A2BC0F8BC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {9D230D84-29BF-49D4-A8DF-348E33614554} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3271064 2024-12-13] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {87A7BB1F-7345-48E7-AD1D-382A15030F33} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [3271064 2024-12-13] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {525C0657-9F52-46B6-B511-4D3D68022B10} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {502D412D-984D-4AB8-82A7-7EB3E69CFB4A} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {0CA436D0-5B09-46E2-96B6-A94B8B79004B} - System32\Tasks\CCleanerCrashReporting => C:\Users\Parek\Downloads\ccsetup631\x64\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Users\Parek\Downloads\ccsetup631\LOG" --programpath "C:\Users\Parek\Downloads\ccsetup631" --guid "" --version "6.31.11415" --silent
Task: {D53EAE2B-19E9-4A6B-946D-C0A02322D551} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{E847C06D-173E-4D1F-A46A-88BAE79277FC} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {4D8A0455-E1FD-41E6-AD7A-E04FE99B81ED} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3391527302-3298552988-2452015091-1001 => C:\Users\Parek\AppData\Local\Programs\Messenger\MessengerHelper.exe [2192632 2024-09-17] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {BA9DC40E-7CA2-48EB-9706-358A2FF4AFBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {833EEEBE-1ABD-4D6F-B1C8-A37D31A6F13E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {70279CCA-5CEF-4B0B-B0D7-4725EC155553} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B87A016-3F33-4624-98A7-3DC97FB16301} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311976 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB9976A5-C8FC-4DE8-91FC-A58C9018ACEE} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [186992 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {845EBD79-50E0-4734-88FF-485218F7292A} - System32\Tasks\Norton\Norton 360 Patcher => C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe [8661096 2024-12-16] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {4B1D6E7E-568D-436E-8F76-C5A4FF978D24} - System32\Tasks\Norton\Norton VPN Bug Report => C:\Program Files\Norton\Suite\AvBugReport.exe [5998184 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 187 --programpath "C:\Program Files\Norton\Suite" --configpath "C:\ProgramData\Norton\VPN" --path "C:\ProgramData\Norton\VPN\log" --path "C:\ProgramData\Norton\Icarus\Logs" --logpath "C:\ProgramData\Norton\VPN\log" --guid c8dddca6-f22c-46a9-a2c5-a62adceb43df
Task: {BBDDDE20-D5DC-46C1-9CAF-42CFA959C66D} - System32\Tasks\Norton\Overseer => C:\Program Files\Common Files\Norton\Overseer\overseer.exe [2566760 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {3AFCAE4F-7026-4375-9A8D-220A3CBAA896} - System32\Tasks\Norton\Suite Emergency Update => C:\Program Files\Norton\Suite\AvEmUpdate.exe [5215848 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {A1781271-B23F-4A85-A2CA-0E59B1B84CB4} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214288 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8105478-0A37-45EC-8D69-35DF0BF2FC5B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3391527302-3298552988-2452015091-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214288 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Users\Parek\Downloads\ccsetup631\x64\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}: [DhcpDomain] home.parek.net
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}\140513: [DhcpNameServer] 192.168.1.99 8.8.8.8
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}\140513: [DhcpDomain] chata.parek.net
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}\368616368616: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{012fd79b-f57a-4bab-b72b-a352bcbf1331}\84F64756C6F564275656: [DhcpNameServer] 185.75.138.254 185.75.138.253
Tcpip\..\Interfaces\{5c3c7bcc-9433-4506-8e59-842e80d043eb}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{5c3c7bcc-9433-4506-8e59-842e80d043eb}: [DhcpDomain] home.parek.net
Tcpip\..\Interfaces\{9cc330eb-c712-4df8-a8a7-ad3bb867bef7}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{af4e37ef-d24f-4efb-8470-6ec7f68a2f2d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{af4e37ef-d24f-4efb-8470-6ec7f68a2f2d}: [DhcpDomain] home
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}: [DhcpDomain] home.parek.net
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}\140513: [DhcpNameServer] 192.168.1.99 8.8.8.8
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}\140513: [DhcpDomain] chata.parek.net
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}\5436F6665756C6: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{cacc309f-13e3-4feb-be61-251dd47a765a}\B6271626963656: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge DefaultProfile: Profile 3
Edge Profile: C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 3 [2025-01-05]
Edge Notifications: Profile 3 -> hxxps://calendar.google.com; hxxps://www.messenger.com
Edge Extension: (Google Docs Offline) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-05]
Edge Extension: (Edge relevant text changes) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 3\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-01-05]
Edge Profile: C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2025-01-04]
Edge Session Restore: Profile 4 -> is enabled.
Edge Extension: (lock) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\dppgmdbiimibapkepcbdbmkaabgiofem [2024-12-27]
Edge Extension: (Google Docs Offline) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-27]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-12-27]
Edge Extension: (Bitwarden Password Manager) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2024-12-28]
Edge Extension: (Edge relevant text changes) - C:\Users\Parek\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-03]
FireFox:
========
FF HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13
FF Extension: (Free Download Manager extension) - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.1.13 [2024-09-13] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-12-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2016-06-23] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2016-06-23] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2016-06-23] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1697.6\npAvastBrowserUpdate3.dll [2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
Chrome:
=======
CHR Profile: C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default [2025-01-06]
CHR Notifications: Default -> hxxps://www.messenger.com
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://websearch.thesearchpage.info/?pid=2171&r=2015/01/23&hid=14513732107745859819&lg=EN&cc=ME&unqvl=74","hxxp://www.mystartsearch.com/?type=hp&ts=14380 ... SAF780112A"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Entanglement Web App) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2025-01-06]
CHR Extension: (BeFunky Photo Editor) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2025-01-06]
CHR Extension: (DuckDuckGo) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-01-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-01-06]
CHR Extension: (OneTab) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2025-01-06]
CHR Extension: (Google Tips) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnhacgcmhcgppboemgoobibkhlpglejb [2025-01-06]
CHR Extension: (change-language) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2025-01-06]
CHR Extension: (Enhancer for Telegram™) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dafiggkhlbbhfcpgggcfeeoliillkabn [2025-01-06]
CHR Extension: (iCloud Bookmarks) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2025-01-06]
CHR Extension: (Norton Safe Web) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2025-01-06]
CHR Extension: (Google Docs Offline) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-06]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2025-01-06]
CHR Extension: (Picture-in-Picture Extension (by Google)) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgfoiooedgoejojocmhlaklaeopbecg [2025-01-06]
CHR Extension: (Simple Translate) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibplnjkanclpjokhdolnendpplpjiace [2025-01-06]
CHR Extension: (Office - Enable Copy and Paste) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2025-01-06]
CHR Extension: (Dropbox) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2025-01-06]
CHR Extension: (Grepolis) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkgkognjknhcgbgbeijjondlikfkgnog [2025-01-06]
CHR Extension: (Norton Safe) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2025-01-06]
CHR Extension: (OneDrive) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2025-01-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-01-06]
CHR Extension: (Bitwarden Password Manager) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2025-01-06]
CHR Extension: (Drive Files to OneDrive™) - C:\Users\Parek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcagpleiioillikneeillgemaanajfae [2025-01-06]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-10-02] (Apple Inc. -> Apple Inc.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [192664 2025-01-05] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\131.0.27760.140\elevation_service.exe [1910616 2024-12-13] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [367064 2024-11-23] (Epic Games Inc. -> Epic Games, Inc.)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [110098 2016-06-23] (Fortinet Inc.) [File not signed]
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncHelper.exe [3528208 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
R2 hostcontrolsvc; C:\Windows\System32\bcmHostControlService.exe [840416 2023-07-05] (Broadcom Inc -> Broadcom Corporation)
R2 hoststoragesvc; C:\Windows\System32\bcmHostStorageService.exe [176864 2023-07-05] (Broadcom Inc -> Broadcom Corporation)
R2 HPAppHelperCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe [912480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe [910944 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe [906848 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe [911480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 nllbIDSAgent; C:\Program Files\Norton\Suite\aswidsagent.exe [7641704 2025-01-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 Norton Antivirus; C:\Program Files\Norton\Suite\NortonSvc.exe [779880 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Firewall; C:\Program Files\Norton\Suite\afwServ.exe [2376296 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Tools; C:\Program Files\Norton\Suite\nllToolsSvc.exe [1230952 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 nortonAvDumper64; C:\Program Files\Norton\Suite\AvDump.exe [3498088 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonVpn; C:\Program Files\Norton\Suite\VpnSvc.exe [12924008 2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonWscReporter; C:\Program Files\Norton\Suite\wsc_proxy.exe [76552 2025-01-06] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_69784b7a3902e1a0\Display.NvContainer\NVDisplay.Container.exe [1274904 2024-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.226.1110.0004\OneDriveUpdaterService.exe [3873312 2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TbtP2pShortcutService; C:\Windows\TbtP2pShortcutService.exe [256856 2024-03-15] (Intel Corporation -> Intel Corporation)
R2 ushupgradesvc; C:\Windows\System32\bcmUshUpgradeService.exe [333064 2023-07-05] (Broadcom Inc -> )
S3 VmwareAutostartService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-autostart.exe [64960 2024-04-30] (VMware, Inc. -> )
R2 WavesAudioService; C:\Windows\System32\DriverStore\FileRepository\wavesapo10de_sc.inf_amd64_27f7a4b4c0b30ba1\WavesAudioService.exe [161000 2023-10-11] (Waves Inc -> Waves Audio Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcxHdAudio; C:\Windows\System32\drivers\AcxHdAudio.sys [526848 2024-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 ddmdrv; C:\Windows\SysWOW64\ddmdrv.sys [34216 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dlcdcncm; C:\Windows\System32\drivers\dlcdcncm660.sys [150336 2023-10-06] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
S3 DPMDriver; C:\Windows\System32\drivers\DPMDriver.sys [139680 2022-12-08] (IndiLogic LLC -> Dell Inc.)
S3 e1dexpress; C:\Windows\System32\DriverStore\FileRepository\e1d.inf_amd64_7e337195b92a35b6\e1d.sys [611936 2023-08-31] (Intel Corporation -> Intel Corporation)
S3 fortiapd; C:\Windows\System32\drivers\fortiapd.sys [18000 2016-06-23] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\Windows\system32\DRIVERS\FortiFilter.sys [45792 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\Windows\System32\drivers\FortiFW2.sys [37456 2016-06-23] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\Windows\System32\drivers\fortips.sys [147536 2016-06-23] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\Windows\System32\drivers\fortisniff2.sys [40016 2016-06-23] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\Windows\System32\drivers\ftvnic.sys [71928 2015-08-26] (Fortinet Technologies -> Fortinet Inc)
R2 hcmon; C:\Windows\system32\DRIVERS\hcmon.sys [72144 2023-08-08] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R3 HPCustomCapDriver; C:\Windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 iaLPSS2_GPIO2_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-09] (Intel Corporation -> Intel Corporation)
S3 iaLPSS2_I2C_TGL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_ab87bf17a571e523\iaLPSS2_I2C_TGL.sys [197272 2020-08-09] (Intel Corporation -> Intel Corporation)
S3 IntcUSB; C:\Windows\System32\DriverStore\FileRepository\intcusb.inf_amd64_bc398e7169495415\IntcUSB.sys [922712 2023-10-18] (Intel Corporation -> Intel(R) Corporation)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 nllArDisk; C:\Windows\System32\drivers\nllArDisk.sys [20560 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllArPot; C:\Windows\System32\drivers\nllArPot.sys [235088 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllbidsdriver; C:\Windows\System32\drivers\nllbidsdriver.sys [383056 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbidsh; C:\Windows\System32\drivers\nllbidsh.sys [296016 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbuniv; C:\Windows\System32\drivers\nllbuniv.sys [84560 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllElam; C:\Windows\System32\drivers\nllElam.sys [28280 2025-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 nllKbd; C:\Windows\System32\drivers\nllKbd.sys [28728 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllMonFlt; C:\Windows\System32\drivers\nllMonFlt.sys [275024 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllNetHub; C:\Windows\System32\drivers\nllNetHub.sys [550992 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllRdr; C:\Windows\System32\drivers\nllRdr2.sys [98360 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllRvrt; C:\Windows\System32\drivers\nllRvrt.sys [69712 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSnx; C:\Windows\System32\drivers\nllSnx.sys [955960 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSP; C:\Windows\System32\drivers\nllSP.sys [1424952 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllStm; C:\Windows\System32\drivers\nllStm.sys [204344 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllVmm; C:\Windows\System32\drivers\nllVmm.sys [381488 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 nllVpnRdr; C:\Windows\System32\drivers\nllVpnRdr.sys [80504 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifelock Inc.)
R3 pppop; C:\Windows\System32\drivers\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
S3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1169096 2023-06-15] (Realtek Semiconductor Corp. -> Realtek Corporation)
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [12464 2024-12-22] (Macrovision Europe Ltd) [File not signed]
R0 vmci; C:\Windows\System32\drivers\vmci.sys [104888 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [31120 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [53704 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 VMnetuserif; C:\Windows\system32\DRIVERS\vmnetuserif.sys [30664 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R2 vmx86; C:\Windows\system32\DRIVERS\vmx86.sys [100776 2024-04-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R0 vsock; C:\Windows\System32\DRIVERS\vsock.sys [88976 2023-06-14] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WiManH; C:\Windows\System32\DriverStore\FileRepository\wiman.inf_amd64_fd307d9242e9056e\WiManH\WiManH.sys [182864 2023-11-09] (Intel Corporation -> Intel Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U3 aswArDisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-06 13:49 - 2025-01-06 13:49 - 001611543 _____ C:\Users\Parek\Downloads\BAKALÁŘSKÁ+PRÁCE.pdf
2025-01-06 10:15 - 2025-01-06 10:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2025-01-06 10:14 - 2025-01-06 10:15 - 000000000 ____D C:\Program Files\iTunes
2025-01-06 09:03 - 2025-01-06 09:03 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-01-06 09:03 - 2025-01-06 09:03 - 000000000 ____D C:\Windows\system32\Tasks\GoogleSystem
2025-01-06 09:03 - 2025-01-06 09:03 - 000000000 ____D C:\Program Files\Google
2025-01-06 09:03 - 2025-01-06 09:03 - 000000000 ____D C:\Program Files (x86)\Google
2025-01-06 09:02 - 2025-01-06 09:03 - 126284672 _____ (Google LLC) C:\Users\Parek\Downloads\ChromeStandaloneSetup64.exe
2025-01-06 09:01 - 2025-01-06 11:21 - 000000000 ___HD C:\Norton sandbox
2025-01-06 09:00 - 2025-01-06 09:00 - 010384768 _____ (Google LLC) C:\Users\Parek\Downloads\ChromeSetup.exe
2025-01-06 08:53 - 2025-01-06 08:53 - 000316008 _____ (Gen Digital Inc.) C:\Windows\system32\nllBoot.exe
2025-01-06 08:53 - 2025-01-06 08:53 - 000002081 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360.lnk
2025-01-06 08:53 - 2025-01-06 08:53 - 000000000 ____D C:\Windows\system32\Tasks\Norton
2025-01-06 08:53 - 2025-01-06 08:53 - 000000000 ____D C:\Users\Parek\AppData\Roaming\Norton
2025-01-06 08:53 - 2025-01-06 08:53 - 000000000 ____D C:\Users\Parek\AppData\Local\Norton
2025-01-06 08:53 - 2025-01-06 08:53 - 000000000 ____D C:\Program Files\Norton
2025-01-06 08:53 - 2025-01-06 08:53 - 000000000 ____D C:\Program Files\Common Files\Norton
2025-01-06 08:53 - 2025-01-06 08:52 - 000053048 _____ (Gen Digital Inc.) C:\Windows\system32\icarus_rvrt.exe
2025-01-06 08:52 - 2025-01-06 11:22 - 000000000 ____D C:\ProgramData\Norton
2025-01-06 08:48 - 2025-01-06 08:48 - 001917672 _____ (Gen Digital Inc.) C:\Users\Parek\Downloads\norton_360_online_setup.exe
2025-01-05 21:10 - 2025-01-05 21:10 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2025-01-05 21:04 - 2025-01-06 08:50 - 000000000 ____D C:\Users\Parek\AppData\Local\AVAST Software
2025-01-05 21:04 - 2025-01-05 21:04 - 000003844 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2025-01-05 21:04 - 2025-01-05 21:04 - 000003260 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2025-01-05 21:03 - 2025-01-05 21:03 - 000003456 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2025-01-05 21:03 - 2025-01-05 21:03 - 000003332 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2025-01-05 21:03 - 2025-01-05 21:03 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2025-01-05 21:02 - 2025-01-06 08:52 - 000000000 ____D C:\ProgramData\Avast Software
2025-01-05 21:02 - 2025-01-06 08:52 - 000000000 ____D C:\Program Files\Avast Software
2025-01-05 21:02 - 2025-01-05 21:02 - 000249072 _____ (Gen Digital Inc.) C:\Users\Parek\Downloads\online_instalační_soubor_aplikace_avast_free_antivirus.exe
2025-01-05 20:53 - 2025-01-05 20:53 - 000000000 ____D C:\Users\Parek\AppData\Local\unali-121625
2025-01-05 20:53 - 2025-01-05 20:53 - 000000000 ____D C:\Users\Parek\AppData\Local\unali-121296
2025-01-05 00:32 - 2025-01-05 08:52 - 000000000 ____D C:\Users\Parek\AppData\Local\Notepad
2025-01-04 21:26 - 2025-01-04 21:26 - 000000008 _____ C:\ProgramData\ntuser.pol
2025-01-04 17:36 - 2025-01-04 21:26 - 000000662 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2025-01-04 17:36 - 2025-01-04 17:39 - 000000000 ____D C:\Users\Parek\Downloads\ccsetup631
2025-01-04 17:36 - 2025-01-04 17:36 - 000003378 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2025-01-04 17:35 - 2025-01-04 17:35 - 079982561 _____ C:\Users\Parek\Downloads\ccsetup631.zip
2025-01-04 17:14 - 2025-01-04 17:16 - 000000000 ____D C:\AdwCleaner
2025-01-04 17:14 - 2025-01-04 17:14 - 008790880 _____ (Malwarebytes) C:\Users\Parek\Downloads\adwcleaner.exe
2025-01-04 14:15 - 2025-01-08 18:04 - 000000000 ____D C:\FRST
2025-01-04 14:05 - 2025-01-04 14:05 - 002833136 _____ (Malwarebytes) C:\Users\Parek\Downloads\MBSetup.exe
2025-01-02 20:18 - 2025-01-02 20:18 - 000000389 _____ C:\Users\Parek\OneDrive\Desktop\Kingdom Come Deliverance.url
2025-01-02 19:24 - 2025-01-02 19:24 - 000000000 ____D C:\Program Files\Epic Games
2025-01-02 19:22 - 2025-01-04 15:46 - 000000000 ____D C:\Users\Parek\AppData\Local\EpicGamesLauncher
2025-01-02 19:22 - 2025-01-03 23:40 - 000000000 ____D C:\Users\Parek\AppData\Local\Epic Games
2025-01-02 19:22 - 2025-01-02 19:22 - 000000000 ____D C:\Users\Parek\AppData\Local\UnrealEngineLauncher
2025-01-02 19:21 - 2025-01-02 19:23 - 000000000 ____D C:\ProgramData\Epic
2025-01-02 19:21 - 2025-01-02 19:22 - 000000000 ____D C:\Program Files (x86)\Epic Games
2025-01-02 19:21 - 2025-01-02 19:21 - 203468800 _____ C:\Users\Parek\Downloads\EpicInstaller-17.2.0.msi
2025-01-02 19:21 - 2025-01-02 19:21 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2025-01-02 17:48 - 2025-01-02 17:48 - 000150411 _____ C:\Users\Parek\Downloads\zakazane_zasilky_obecne_CZ.pdf
2025-01-01 19:38 - 2025-01-01 19:38 - 070486104 _____ C:\Users\Parek\Downloads\GPlus_PCL6_Driver_V311_32_64_00.exe
2025-01-01 19:38 - 2025-01-01 19:38 - 000000000 ____D C:\Users\Parek\Downloads\GPlus_PCL6_Driver_V311_32_64_00
2024-12-31 00:19 - 2024-12-31 00:19 - 000002410 _____ C:\Users\Parek\OneDrive\Desktop\Quake 4.lnk
2024-12-30 23:52 - 2025-01-02 19:23 - 000000000 ____D C:\Users\Parek\AppData\Local\NVIDIA Corporation
2024-12-30 23:51 - 2024-12-30 23:51 - 000000000 ____D C:\Users\Parek\AppData\Roaming\NVIDIA
2024-12-30 23:51 - 2024-12-30 23:51 - 000000000 ____D C:\Users\Parek\ansel
2024-12-30 16:53 - 2024-12-30 16:53 - 000000802 _____ C:\Users\Parek\OneDrive\Desktop\Manor Lords.lnk
2024-12-30 11:18 - 2024-12-30 11:18 - 000000000 ____D C:\Users\Parek\AppData\Local\ManorLords
2024-12-30 00:12 - 2024-12-30 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\[K-Repack]
2024-12-29 18:10 - 2024-12-29 18:10 - 000000852 _____ C:\Users\Parek\OneDrive\Desktop\Warcraft I Remastered.lnk
2024-12-28 00:18 - 2024-12-28 13:53 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Mount and Blade II Bannerlord
2024-12-28 00:18 - 2024-12-28 00:18 - 000000000 ____D C:\Users\Parek\AppData\Local\NVIDIA
2024-12-28 00:18 - 2024-12-28 00:18 - 000000000 ____D C:\ProgramData\Mount and Blade II Bannerlord
2024-12-27 23:29 - 2024-12-27 23:29 - 000000000 ____D C:\ProgramData\GOG.com
2024-12-27 10:45 - 2024-12-27 10:45 - 003243852 _____ C:\Windows\Minidump\122724-12703-01.dmp
2024-12-25 11:25 - 2024-12-25 11:25 - 000000000 ____D C:\Users\Parek\AppData\Local\CrashDumps
2024-12-23 08:30 - 2024-12-23 08:31 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\CnCRemastered
2024-12-23 08:30 - 2024-12-23 08:30 - 000000000 ____D C:\Users\Parek\AppData\Roaming\CnCRemastered
2024-12-23 08:26 - 2024-12-23 08:26 - 000000000 ___HD C:\temp
2024-12-23 08:21 - 2024-12-23 08:21 - 000001045 _____ C:\Users\Parek\OneDrive\Desktop\Command and Conquer Remastered Collection.lnk
2024-12-23 08:21 - 2024-12-23 08:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Remastered Collection
2024-12-23 08:18 - 2025-01-06 10:16 - 000000837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2024-12-23 08:18 - 2024-12-24 11:09 - 000000000 ____D C:\Users\Parek\AppData\Roaming\Notepad++
2024-12-23 08:18 - 2024-12-23 08:18 - 000000000 ____D C:\Program Files\Notepad++
2024-12-23 08:17 - 2024-12-23 08:17 - 006652296 _____ (Don HO don.h@free.fr) C:\Users\Parek\Downloads\npp.8.7.4.Installer.x64.exe
2024-12-22 09:43 - 2024-12-22 09:53 - 000000000 ____D C:\Users\Parek\AppData\Roaming\FileZilla
2024-12-22 09:43 - 2024-12-22 09:46 - 000000000 ____D C:\Users\Parek\AppData\Local\FileZilla
2024-12-22 09:43 - 2024-12-22 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2024-12-22 09:43 - 2024-12-22 09:43 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2024-12-22 09:11 - 2024-12-22 09:13 - 000000000 ____D C:\VMs
2024-12-22 09:10 - 2024-12-22 11:15 - 000000000 ____D C:\Users\Parek\AppData\Roaming\VMware
2024-12-22 09:10 - 2024-12-22 11:15 - 000000000 ____D C:\Users\Parek\AppData\Local\VMware
2024-12-22 09:09 - 2025-01-06 11:21 - 000000000 ____D C:\ProgramData\VMware
2024-12-22 09:09 - 2024-12-22 09:09 - 000817478 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2024-12-22 09:09 - 2024-12-22 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2024-12-22 09:09 - 2024-12-22 09:09 - 000000000 ____D C:\Program Files\Common Files\VMware
2024-12-22 09:09 - 2024-12-22 09:09 - 000000000 ____D C:\Program Files (x86)\VMware
2024-12-22 09:09 - 2024-04-30 03:35 - 000420288 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2024-12-22 09:09 - 2024-04-30 03:34 - 001310656 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2024-12-22 09:09 - 2024-04-30 03:34 - 000373184 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2024-12-22 09:02 - 2024-12-24 12:09 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Command and Conquer Generals Zero Hour Data
2024-12-22 08:45 - 2024-12-22 08:46 - 000012464 _____ (Macrovision Europe Ltd) C:\Windows\SysWOW64\Drivers\SECDRV.SYS
2024-12-22 08:44 - 2024-12-22 16:31 - 000000981 _____ C:\Windows\eReg.dat
2024-12-22 08:44 - 2024-12-22 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2024-12-22 08:44 - 2024-12-22 08:49 - 000000000 ____D C:\Program Files (x86)\EA Games
2024-12-21 11:57 - 2024-12-21 11:57 - 000000000 ____D C:\Users\Parek\AppData\Roaming\GHISLER
2024-12-21 11:57 - 2024-12-21 11:57 - 000000000 ____D C:\Users\Parek\AppData\Local\GHISLER
2024-12-20 17:23 - 2024-12-20 17:23 - 000000000 ___HD C:\$WinREAgent
2024-12-20 17:07 - 2024-12-20 17:07 - 000099732 _____ C:\Users\Parek\Downloads\CENÍK-PARKOVNÉHO_ARGENTINSKÁ_KRÁTKODOBÉ_13.6.2024.pdf
2024-12-20 17:06 - 2024-12-20 17:06 - 000084202 _____ C:\Users\Parek\Downloads\CENÍK-PARKOVNÉHO_ŽELEZNIČÁŘŮ_KRÁTKODOBÉ_13.6.2024.pdf
2024-12-18 22:03 - 2024-12-18 22:03 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-12-18 21:58 - 2025-01-06 09:03 - 000000000 ____D C:\Users\Parek\AppData\Local\Google
2024-12-18 21:58 - 2024-12-18 21:58 - 000000000 ____D C:\Windows\system32\Tasks\GoogleUser
2024-12-18 21:53 - 2024-12-18 00:13 - 000000717 _____ C:\Users\Parek\OneDrive\Desktop\Age of Empires IV.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-01-08 17:47 - 2024-09-09 18:48 - 000000000 ____D C:\Users\Parek\AppData\Local\D3DSCache
2025-01-08 17:46 - 2024-09-09 18:30 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-01-08 17:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2025-01-08 17:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-07 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2025-01-07 16:15 - 2024-09-09 18:40 - 000000000 ___RD C:\Users\Parek\OneDrive
2025-01-06 11:28 - 2024-09-09 18:38 - 000799974 _____ C:\Windows\system32\PerfStringBackup.INI
2025-01-06 11:28 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2025-01-06 11:22 - 2024-09-09 18:51 - 000000000 __SHD C:\Users\Parek\IntelGraphicsProfiles
2025-01-06 11:21 - 2024-10-27 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2025-01-06 11:21 - 2024-09-09 18:51 - 000000000 ____D C:\Intel
2025-01-06 11:21 - 2024-09-09 18:30 - 000008192 ___SH C:\DumpStack.log.tmp
2025-01-06 11:21 - 2024-09-09 18:30 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-01-06 11:21 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2025-01-06 10:23 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2025-01-06 10:16 - 2024-09-11 18:34 - 000000000 ____D C:\ProgramData\Package Cache
2025-01-06 10:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2025-01-06 10:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-01-06 10:15 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2025-01-06 10:14 - 2023-12-04 03:56 - 000000000 ____D C:\Windows\SystemTemp
2025-01-06 09:05 - 2024-09-09 18:38 - 000000000 ____D C:\Users\Parek\AppData\Local\Packages
2025-01-06 08:53 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-01-05 22:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2025-01-05 21:02 - 2024-09-11 18:34 - 000000000 ____D C:\ProgramData\Logishrd
2025-01-05 20:59 - 2024-10-07 21:20 - 000000000 ____D C:\Users\Parek\AppData\Local\Logi
2025-01-05 20:55 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Registration
2025-01-05 20:53 - 2024-11-21 21:14 - 000000000 ____D C:\Program Files (x86)\EaseUS
2025-01-04 22:39 - 2024-09-09 20:13 - 000000000 ____D C:\tmp
2025-01-04 21:25 - 2024-09-20 06:41 - 000000000 ____D C:\Users\Parek\AppData\LocalLow\Temp
2025-01-04 21:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2025-01-03 20:09 - 2024-09-09 19:39 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Záruční listy
2025-01-02 19:23 - 2024-09-14 11:32 - 000000000 ____D C:\GOG Games
2025-01-02 19:22 - 2024-09-15 13:09 - 000000000 ____D C:\Users\Parek\AppData\Local\UnrealEngine
2025-01-01 19:44 - 2024-09-26 16:22 - 000000000 ____D C:\Users\Parek\AppData\Roaming\Microsoft\Word
2025-01-01 19:39 - 2024-09-18 17:55 - 000000000 ____D C:\Users\Parek\AppData\Roaming\Microsoft\Excel
2024-12-31 15:55 - 2024-09-09 19:39 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Rodina
2024-12-31 00:22 - 2024-09-13 20:08 - 000000000 ____D C:\Users\Parek\AppData\Roaming\Free Download Manager
2024-12-30 23:51 - 2024-09-09 18:37 - 000000000 ____D C:\Users\Parek
2024-12-30 10:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-30 00:05 - 2024-09-14 18:30 - 000000000 ____D C:\Games
2024-12-29 23:06 - 2024-11-11 18:36 - 000000000 ____D C:\Program Files (x86)\DODI-Repacks
2024-12-29 23:05 - 2024-09-09 19:39 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\My Games
2024-12-29 13:58 - 2024-11-02 19:58 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-12-27 10:45 - 2024-10-11 16:42 - 1482165546 _____ C:\Windows\MEMORY.DMP
2024-12-27 10:45 - 2024-10-11 16:42 - 000000000 ____D C:\Windows\Minidump
2024-12-23 08:28 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-12-23 06:08 - 2024-09-09 18:30 - 000479088 _____ C:\Windows\system32\FNTCACHE.DAT
2024-12-22 16:31 - 2024-09-28 20:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-12-22 16:06 - 2024-09-09 19:39 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Command and Conquer Generals Data
2024-12-22 08:46 - 2024-09-09 18:38 - 000000000 ____D C:\Users\Parek\AppData\Local\VirtualStore
2024-12-21 11:58 - 2024-09-09 18:30 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-21 11:57 - 2024-09-09 18:30 - 000003536 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-21 11:57 - 2024-09-09 18:30 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-20 17:38 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-12-20 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-12-20 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2024-12-20 17:38 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2024-12-20 17:37 - 2024-09-09 18:38 - 000000000 ____D C:\ProgramData\Packages
2024-12-20 17:36 - 2024-09-09 18:44 - 000000000 ____D C:\Users\Parek\AppData\Local\PlaceholderTileLogoFolder
2024-12-20 17:33 - 2024-09-09 18:36 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-12-20 17:26 - 2024-09-13 19:55 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-12-20 17:25 - 2024-09-09 19:17 - 000000000 ____D C:\Windows\system32\compatrel
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-12-20 17:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2024-12-18 22:05 - 2024-09-11 19:49 - 000000000 ____D C:\Program Files\Microsoft Office
2024-12-18 22:01 - 2024-09-13 20:29 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-12-18 22:01 - 2024-09-13 20:28 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-12-18 21:53 - 2024-09-09 19:40 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Jízdenky
2024-12-18 21:52 - 2024-09-11 19:59 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-12-18 21:52 - 2024-09-11 19:59 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-18 21:52 - 2024-09-09 19:39 - 000000000 ____D C:\Users\Parek\OneDrive\Dokumenty\Vstupenky
2024-12-18 21:52 - 2024-09-09 19:22 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3391527302-3298552988-2452015091-1001
2024-12-14 20:34 - 2024-09-09 19:39 - 000002424 _____ C:\Users\Parek\OneDrive\Dokumenty\Default.rdp
==================== Files in the root of some directories ========
2024-11-21 21:24 - 2024-11-21 21:24 - 000000024 _____ () C:\Users\Parek\AppData\Roaming\epm_user.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Addition log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2025
Ran by Parek (08-01-2025 18:05:22)
Running from C:\tmp\frst
Microsoft Windows 10 Pro Version 22H2 19045.5247 (X64) (2024-09-09 17:32:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3391527302-3298552988-2452015091-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3391527302-3298552988-2452015091-503 - Limited - Disabled)
Guest (S-1-5-21-3391527302-3298552988-2452015091-501 - Limited - Disabled)
Parek (S-1-5-21-3391527302-3298552988-2452015091-1001 - Administrator - Enabled) => C:\Users\Parek
WDAGUtilityAccount (S-1-5-21-3391527302-3298552988-2452015091-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {343E1860-FD6F-AB8D-96E4-A5006AA98D2C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {0C059945-B700-AAD5-BDBB-0C35947ACA57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 24.005.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOMEI Partition Assistant 9.6.1 (HKLM-x32\...\AOMEI Partition Assistant_is1) (Version: 9.6.1 - RePack 9649)
Apple Mobile Device Support (HKLM\...\{AAFEC555-4154-4A21-9523-30B8CDE94533}) (Version: 18.0.0.33 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{B292D163-23D2-4523-A699-1ABEC1875609}) (Version: 2.7.0.3 - Apple Inc.)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 131.0.27760.140 - Gen Digital Inc.)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1697.6 - AVAST Software) Hidden
Bitwarden (HKLM\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 2024.11.1 - Bitwarden Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command and Conquer Remastered Collection (HKLM-x32\...\Command and Conquer Remastered Collection_is1) (Version: - )
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
DisplayLink Graphics (HKLM\...\{FF7B0409-B387-4215-B575-7971A6B57F5D}) (Version: 11.2.3146.0 - DisplayLink Corp.)
Epic Games Launcher (HKLM-x32\...\{C5C3EE71-4047-4144-946E-18D500510CB5}) (Version: 1.3.128.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{5122B8BC-D6DF-48FF-8D4E-15A63EEC5073}) (Version: 2.8.1 - Epic Games, Inc.)
FileZilla 3.68.1 (HKLM-x32\...\FileZilla Client) (Version: 3.68.1 - Tim Kosse)
FortiClient (HKLM\...\{B611B858-9363-42FC-AE47-3430D54CCE1B}) (Version: 5.4.1.0840 - Fortinet Inc)
Free Download Manager 3.9.7 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
FreeTube 0.21.3 (HKLM\...\609c326f-6a5e-5cd1-9fc0-6e966fad073f) (Version: 0.21.3 - PrestonN)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.205 - Google LLC)
iTunes (HKLM\...\{655EA96D-A278-4566-BECF-50417EF47F1E}) (Version: 12.13.4.4 - Apple Inc.)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Manor Lords [K] (HKLM\...\Manor Lords [K]_is1) (Version: 0.8.004 - K-Repack)
Messenger (HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 215.6.643112060 - Facebook, Inc.)
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.112 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.226.1110.0004 - Microsoft Corporation)
Microsoft S/MIME Control for Outlook on the web for Edge/Chrome (HKLM-x32\...\{80C59609-6400-4E37-A0F4-BAF6D3725E60}) (Version: 15.21.18833 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
MiniTool Partition Wizard v12.7 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: 12.7 - MiniTool Software Limited (RePack by Dodakaedr))
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Norton 360 (HKLM\...\Norton 360) (Version: 24.12.9725.1248 - Gen Digital Inc.)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.7.5 - Notepad++ Team)
NVIDIA Graphics Driver 556.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 556.13 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{6F668A7E-FD30-4B9F-A8CD-FC3A0F9AF32A}) (Version: 5.3.1 - Avanquest pdfforge GmbH)
Rise Of Legends (HKLM-x32\...\InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Název spolecnosti:)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Roblox Player for Parek (HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\roblox-player) (Version: - Roblox Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Packages:
=========
Bang & Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.26.249.0_x64__v10z8vjag6ke6 [2024-10-07] (HP Inc.)
Bitwarden -> C:\Program Files\WindowsApps\bitwarden.com-8AD4A5AF_1.0.0.1_neutral__cm1p359qmnrhw [2024-11-17] (bitwarden.com)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16001.0_x64__8wekyb3d8bbwe [2024-11-14] (Microsoft Corporation) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-28] (NVIDIA Corp.)
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-12-18] (INTEL CORP) [Startup Task]
Thunderbolt™ Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2024-09-09] (INTEL CORP)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2450.6.0_x64__cv1g1gvanyjgm [2024-12-28] (WhatsApp Inc.) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3391527302-3298552988-2452015091-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ BUOverlayExcluded] -> {42DE06EE-09E4-4808-A8AA-F63B1D3F6CE5} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ BUOverlayPending] -> {5A4597A9-CC87-4ED2-A7E5-3BC62CF54901} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ BUOverlayProtected] -> {9C11454A-4B5C-4586-B0BB-E51BB6033668} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00nll] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.226.1110.0004\FileSyncShell64.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_69784b7a3902e1a0\nvshext.dll [2024-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [norton] -> {472083B2-C522-11CF-8763-00608CC02F24} => C:\Program Files\Norton\Suite\ashShell.dll [2025-01-06] (NortonLifeLock Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Parek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\53b77523eaecddc1\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Parek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\39a55e8d68262d97\Profile 2 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Profile 4"
==================== Loaded Modules (Whitelisted) =============
2016-06-23 14:23 - 2016-06-23 14:23 - 000552978 _____ () [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll
2016-06-23 14:25 - 2016-06-23 14:25 - 000145426 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiSkin.dll
2016-06-23 14:22 - 2016-06-23 14:22 - 000291346 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiTrayResc.dll
2016-06-23 14:23 - 2016-06-23 14:23 - 000061458 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\libcfg.dll
2016-06-23 14:24 - 2016-06-23 14:24 - 000408082 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\sslvpnlib.dll
2016-06-23 14:22 - 2016-06-23 14:22 - 000716818 _____ (Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\utilsdll.dll
2024-11-02 15:49 - 2024-11-02 15:49 - 000196096 _____ (pdfforge GmbH) [File not signed] C:\Windows\System32\pdfcmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nllSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nllSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-12-03] (Softdeluxe Ltd. -> FreeDownloadManager.ORG)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-12-18] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\sharepoint.com -> hxxps://cgiitczech-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2025-01-04 21:25 - 000000027 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\VMware\VMware Workstation\bin\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Parek\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\5628546655569156232\133805776978152479.jpg
DNS Servers: 192.168.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Local Area Connection: PPPoP WAN Adapter -> pppop64.sys
VMware Network Adapter VMnet8: VMware Virtual Ethernet Adapter for VMnet8 -> vmnetadapter.sys
Ethernet 5: Fortinet Virtual Ethernet Adapter (NDIS 6.30) -> ftvnic.sys
VMware Network Adapter VMnet1: VMware Virtual Ethernet Adapter for VMnet1 -> vmnetadapter.sys
Bluetooth Network Connection 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
Wi-Fi 2: Intel(R) Wi-Fi 6 AX201 160MHz #2 -> Netwtw10.sys
vmware_bridge: VMware Bridge Protocol
ft_fortifilter: FortiClient NDIS 6.3 Packet Filter Driver
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\Run: => "com.messenger"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D7E5E7C0A9696275910388A174E5F120"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\Run: => "GoogleUpdaterTaskUser132.0.6833.0"
HKU\S-1-5-21-3391527302-3298552988-2452015091-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B605F3CE-F421-4095-AAD9-6D20C57681DE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C4B000B3-904A-42CF-9005-45CC68DD1420}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{70B53AB0-0A4B-4F73-85F4-BDBC6792DC96}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65B472B7-0627-4046-B1A0-F83EE5E4D876}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0FF19C45-E2FF-4F3C-B64A-66DE5FB73C85}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{A8DA1959-2F69-4F6F-8A4A-33AF116C36DD}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{5C4EE56C-14B3-42BD-929F-32B8003C0185}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe (Fortinet Inc.) [File not signed]
FirewallRules: [{D84EE90D-1170-404F-BE48-A33DFF713D0E}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe (Big Huge Games, Inc.) [File not signed]
FirewallRules: [{94DF1953-2C5D-4E9F-8E79-735582A4AD95}] => (Allow) C:\Program Files (x86)\Microsoft Games\Rise of Nations\thrones.exe (Big Huge Games, Inc.) [File not signed]
FirewallRules: [{AA429FCB-F2DE-4C4D-B278-29D9839A93E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{61FE3BD0-CC98-4AE6-9D2B-DA7E50239E8F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EC288BE1-A23B-4AE8-9047-909B0A709F1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{817A5C39-085D-4904-8DBF-EB7D37B3F37A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{525CCC00-F7A1-40AE-A563-DA8B9887D8C7}C:\users\parek\downloads\age of mythology retold\aomrt_s.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\aomrt_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [UDP Query User{B1646C64-12E6-4B1E-B9D1-1C56DE874437}C:\users\parek\downloads\age of mythology retold\aomrt_s.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\aomrt_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [TCP Query User{BA882022-3AD7-4409-BE01-6EABF84C292B}C:\users\parek\downloads\age of mythology retold\battleserver.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\battleserver.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [UDP Query User{2FF10A1E-FF78-41BB-BAFE-B104E1D8AF6F}C:\users\parek\downloads\age of mythology retold\battleserver.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\battleserver.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [TCP Query User{267035D8-1E6C-40E0-9568-1AEF128DABBE}C:\users\parek\downloads\age of mythology retold\aomrt_s.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\aomrt_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [UDP Query User{6A4118F8-9177-4F9D-95FD-2EA08149BEF1}C:\users\parek\downloads\age of mythology retold\aomrt_s.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\aomrt_s.exe (Tantalus Media Pty Ltd -> Microsoft Corporation)
FirewallRules: [TCP Query User{070347D7-6B2A-4EEE-8F81-9213C3BB149E}C:\users\parek\downloads\age of mythology retold\battleserver.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\battleserver.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [UDP Query User{93674AC2-0603-4D1A-B42D-A26F2D7C2AC0}C:\users\parek\downloads\age of mythology retold\battleserver.exe] => (Allow) C:\users\parek\downloads\age of mythology retold\battleserver.exe (Tantalus Media Pty Ltd -> )
FirewallRules: [{9B8B03A9-E587-4334-8DB8-3F7939DD9373}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{601241F7-DFD0-4897-88F1-31B659D95982}C:\users\parek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\parek\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [UDP Query User{EEB4A53F-1E83-4326-A5AD-AA8D67782882}C:\users\parek\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\parek\appdata\local\google\chrome\application\chrome.exe => No File
FirewallRules: [{E68DA63B-55DD-4BC1-831A-0C3A7C66C66D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34917D7B-78AB-4E05-9754-E5C791C5B7FD}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{03ECE3F8-8C0E-4F9A-9384-A83BEB323DCE}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{2BEBBB9B-FF0A-49C6-B7A1-A38E515331D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{09A25797-8C46-4DC1-9FFA-609ADFFCFAC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{533199E0-ECCE-4AF1-A37F-1C5F0E346838}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{257C9E53-0817-460B-8F96-A3FB08031119}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{78C4BA2D-3FFD-4F66-97AD-3E446D4F6F58}C:\program files\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) C:\program files\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [UDP Query User{3E0F1D1E-41FB-4213-88E7-1435BE3ECE71}C:\program files\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe] => (Allow) C:\program files\epic games\kingdomcomedeliverance\bin\win64mastermasterepicpgo\kingdomcome.exe (Warhorse Studios sro) [File not signed]
FirewallRules: [{995F1DB9-E948-4751-AEBC-25456E172E61}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe => No File
FirewallRules: [{587B427A-1A0E-4036-807D-6BC0A8CE4DBD}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\FortiWad.exe => No File
FirewallRules: [{5FB67BE5-8DD9-4305-9B58-A9A2D3211AB9}] => (Allow) C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{47AFE74B-4363-481A-A409-5DDCCE445239}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (NortonLifeLock Inc. -> Gen Digital Inc.)
FirewallRules: [{C4DF92AB-38FF-4D36-99AF-70CCCF9D5111}] => (Allow) C:\Program Files\Norton\Suite\NortonUI.exe (NortonLifeLock Inc. -> Gen Digital Inc.)
FirewallRules: [{653F4031-6DA7-41EF-9F3D-6D5A3751980C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{A3A8616D-B562-43F0-B47D-15E91EE3A9F4}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
==================== Restore Points =========================
06-01-2025 10:16:28 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Parek-x360.local already in use; will try Parek-x360-2.local instead
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Parek-x360.local. Addr 172.20.10.2
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 Parek-x360.local. AAAA 2A00:11B1:10E0:470C:533F:894A:18D7:DFC9
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Parek-x360.local. AAAA FE80:0000:0000:0000:D146:099F:C7D2:960E
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 Parek-x360.local. AAAA 2A00:11B1:10E0:470C:533F:894A:18D7:DFC9
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 4 Parek-x360.local. Addr 172.20.10.2
Error: (01/06/2025 12:20:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 172.20.10.2:5353 16 Parek-x360.local. AAAA 2A00:11B1:10E0:470C:533F:894A:18D7:DFC9
Error: (01/06/2025 10:16:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast SecureLine VPN since QueryServiceConfig API failed
System Error:
The system cannot find the file specified..
System errors:
=============
Error: (01/08/2025 05:46:46 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {56a4f8e4-1b78-48df-9515-e310e95634d6}, had event 74
Error: (01/07/2025 04:21:40 PM) (Source: DCOM) (EventID: 10010) (User: PAREK-X360)
Description: The server Windows.Media.Capture.Internal.AppCaptureShell did not register with DCOM within the required timeout.
Error: (01/07/2025 04:19:38 PM) (Source: DCOM) (EventID: 10029) (User: PAREK-X360)
Description: The activation of the CLSID Windows.Media.Capture.AppCaptureManager timed out waiting for the service BcastDVRUserService_b0130 to stop.
Error: (01/07/2025 04:16:18 PM) (Source: DCOM) (EventID: 10010) (User: PAREK-X360)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (01/07/2025 04:15:37 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {56a4f8e4-1b78-48df-9515-e310e95634d6}, had event 74
Error: (01/06/2025 04:04:25 PM) (Source: DCOM) (EventID: 10010) (User: PAREK-X360)
Description: The server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter did not register with DCOM within the required timeout.
Error: (01/06/2025 11:21:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SecDrv service failed to start due to the following error:
This driver has been blocked from loading
Error: (01/06/2025 11:21:58 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\SECDRV.SYS
Windows Defender:
================
Date: 2025-01-04 13:34:47
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {47FE5F70-936A-4FBB-B4CD-DBCE6F10249B}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2025-01-04 00:17:01
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {9FD109FC-AAD0-403F-94CC-35C23A9C6CE9}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2025-01-02 18:11:43
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {BEBA0D7A-EF75-42EB-A344-F6DB0A603CCE}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2025-01-01 01:45:29
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {41A867D5-8F54-4908-AF99-ADC52EE25692}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-12-30 08:25:50
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
ID prohledávání: {8D4740D1-60F7-4DEB-882D-F790AEBE7A03}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2024-10-07 21:06:53
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Backup
Kód chyby: 0x80004004
Popis chyby: Operation aborted
Verze bezpečnostních informací: 1.419.377.0;1.419.377.0
Verze modulu: 1.1.24080.9
Date: 2024-10-07 21:06:53
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Current
Kód chyby: 0x80501102
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Verze bezpečnostních informací: 1.419.387.0;1.419.387.0
Verze modulu: 1.1.24080.9
Date: 2024-10-06 23:01:30
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.419.375.0
Předchozí verze bezpečnostních informací: 1.419.373.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiSpyware
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24080.9
Předchozí verze modulu: 1.1.24080.9
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2024-10-06 23:01:30
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.419.375.0
Předchozí verze bezpečnostních informací: 1.419.373.0
Zdroj aktualizace: User
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.24080.9
Předchozí verze modulu: 1.1.24080.9
Kód chyby: 0x80509004
Popis chyby: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2024-10-06 23:01:30
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.419.373.0
Zdroj aktualizace: Microsoft Update Server
Typ bezpečnostních informací: AntiVirus
Typ aktualizace: Full
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24080.9
Kód chyby: 0x80240022
Popis chyby: The program can't check for definition updates.
CodeIntegrity:
===============
Date: 2025-01-08 18:04:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Norton\Suite\NortonSvc.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-01-08 18:02:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.20 04/22/2024
Motherboard: HP 86E7
Processor: Intel(R) Core(TM) i7-10750H CPU @ 2.60GHz
Percentage of memory in use: 55%
Total physical RAM: 16081.58 MB
Available physical RAM: 7087.25 MB
Total Virtual: 18513.58 MB
Available Virtual: 8495.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:607.6 GB) (Free:87.38 GB) (Model: Seagate IronWolf510 ZP1920NM30001-2S9303) (Protected) NTFS
Drive d: () (Fixed) (Total: ? GB) (Free: ? GB) (Model: Seagate IronWolf510 ZP1920NM30001-2S9303) (Protected) (Locked)
Drive e: () (Fixed) (Total: ? GB) (Free: ? GB) (Model: Seagate IronWolf510 ZP1920NM30001-2S9303) (Protected) (Locked)
\\?\Volume{9025fdea-f346-417e-ab2c-5c0e7875a15c}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{a84bcc09-f93f-421e-aed0-9893fe441ab6}\ () (Fixed) (Total:0.53 GB) (Free:0.08 GB) NTFS
\\?\Volume{f5916b01-d3c0-46d7-ab8a-bd0b50faedd8}\ () (Fixed) (Total:0.54 GB) (Free:0.09 GB) NTFS
\\?\Volume{d2562ee7-52f9-49c2-8814-aab90d85c24d}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1788.5 GB) (Disk ID: 0DBB4B75)
Partition: GPT.
==================== End of Addition.txt =======================