Please check my log, thank you [Solved]


Marťan
Level 2.5
Posts: 363
Registered: October 06
Location: Nový Jičín
Gender: Male

Re: Please check my log, thank you

Post by Marťan » 20 Mar 2025 18:24

As for your question whether I know this: I don't know what it is. The only thing that occurs to me is that I have recently been visiting the site Romsfun.com, which has emulators of old consoles and game images. I tried a PlayStation 2 emulator and tried to download the ROMs of some game, and before I downloaded it, several pages with ads popped up before the ROM could be downloaded. Could that have been it?
Anyway, the log is here:


Fix result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Martys (20-03-2025 18:11:22) Run:1
Running from C:\Users\Martys\Desktop
Loaded Profiles: Martys
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5C920335-0E62-4A44-9514-F93B59EF6A08} - System32\Tasks\{02E7D422-0A7D-46A9-900C-BE172CFE1ADD} => H:\TRIPEAKS.EXE (No File)
Task: {378E8122-46B7-4FF3-B10C-1A9244A80021} - System32\Tasks\{1D4B9533-9B47-4633-ABF8-5913524D40A7} => H:\TRIPEAKS.EXE (No File)
Task: {C6C61DDB-75E5-4582-827B-48EC27633CDE} - System32\Tasks\{3BB29E29-89E2-4D7E-87D1-20C4E5C58DBA} => D:\Hry\Stronghold\Stronghold.exe (No File)
Task: {7F7A154A-A664-4687-B613-CE242777D14C} - System32\Tasks\{7021D46B-A7A0-4450-9A63-04629FDB7890} => D:\Hry\Stronghold Crusader.exe (No File)
Task: {7F6A7438-8F2D-482F-BB36-AEC4DB23F04D} - System32\Tasks\{741FC4DC-37F7-4AB2-B68F-6A84FF976976} => D:\Hry\Grand Theft Auto IV\GTAIV.exe (No File)
Task: {73AE571F-BC46-409B-B6F6-A6684B15A651} - System32\Tasks\{79E5A4C2-617A-47E6-9E1D-40A01B2E34E6} => D:\Hry\Stronghold\Stronghold.exe (No File)
Task: {EE5264F2-B73B-4624-AEA3-07744B6A318D} - System32\Tasks\{91873097-9570-4935-A5BD-A587293D815C} => D:\Hry\Stronghold Crusader.exe (No File)
Task: {D8CEF72E-9249-4C5A-8E83-D4273B097038} - System32\Tasks\{A2222AAB-28A5-4926-A207-781DB4573E71} => H:\TRIPEAKS.EXE (No File)
Task: {7702DA08-3D66-4576-8A93-B3C28B20C69C} - System32\Tasks\{BEE85EDE-72F1-479E-9520-9B460B819221} => H:\TRIPEAKS.EXE (No File)
Task: {10FEBC30-8818-4A65-8C07-F426B6B9AF86} - System32\Tasks\{CC1E3A4C-4674-4791-82ED-E0CC37CAE6F2} => D:\Hry\Grand Theft Auto IV\GTAIV.exe (No File)
Task: {F1E94BB2-E773-4275-853F-EE11B268F220} - System32\Tasks\{CC39261F-A5FF-4DAF-A529-5FA5B3A9D27E} => H:\TRIPEAKS.EXE (No File)
Task: {EA10E55E-68D6-4C48-AEBD-89C6EE90C742} - System32\Tasks\{CF7222DB-83A4-4D01-A7CF-CA483951D7D5} => D:\Hry\Grand Theft Auto IV\GTAIV.exe (No File)
Task: {E3A7D4C3-0038-4E3C-961D-93EAF04F2BE5} - System32\Tasks\{D6D98709-5979-4818-B7DF-7C5A0297ABCC} => D:\Hry\Stronghold\Stronghold.exe (No File)
Task: {250AECC2-1410-4D61-B8DF-4C3A998CFFB5} - System32\Tasks\{FF292F72-3998-413C-84E2-CFD64D2E1FED} => H:\TRIPEAKS.EXE (No File)
Task: {F9C04323-6504-45FB-A0BA-C7FBF1EA1818} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
Task: {33F92772-5A9F-4195-9F89-583C17EC9E23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
C:\Users\Martys\AppData\Local\AVG
C:\Program Files (x86)\AVAST Software
C:\Users\Martys\AppData\Roaming\AVG
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => -> No File
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
Toolbar: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> http://www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> http://www.125sms.co.uk
IE restricted site: HKU\.DEFAULT\...\125sms.com -> http://www.125sms.com
IE restricted site: HKU\.DEFAULT\...\12w.net -> download-video.12w.net
IE restricted site: HKU\.DEFAULT\...\132.com -> http://www.132.com
IE restricted site: HKU\.DEFAULT\...\1337-crew.to -> http://www.1337-crew.to
IE restricted site: HKU\.DEFAULT\...\1337crew.info -> http://www.1337crew.info
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
IE restricted site: HKU\.DEFAULT\...\150freesms.de -> http://www.150freesms.de
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com
IE restricted site: HKU\.DEFAULT\...\17concepts.info -> http://www.17concepts.info
IE restricted site: HKU\.DEFAULT\...\1800searchonline.com -> http://www.1800searchonline.com
IE restricted site: HKU\.DEFAULT\...\180searchassistant.com -> http://www.180searchassistant.com
IE restricted site: HKU\.DEFAULT\...\180solutions.com -> bis.180solutions.com
IE restricted site: HKU\.DEFAULT\...\1987324.com -> http://www.1987324.com
IE restricted site: HKU\.DEFAULT\...\1gb.ru -> people.1gb.ru
IE restricted site: HKU\.DEFAULT\...\1ghporn.info -> http://www.1ghporn.info
IE restricted site: HKU\.DEFAULT\...\1importantiamreal.com -> http://www.1importantiamreal.com
Virustotal: C:\Windows\system32\icarus_rvrt.exe
There are 7844 more sites.

IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\123topsearch.com -> http://www.123topsearch.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\125sms.co.uk -> http://www.125sms.co.uk
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\125sms.com -> http://www.125sms.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\12w.net -> download-video.12w.net
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\132.com -> http://www.132.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1337-crew.to -> http://www.1337-crew.to
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1337crew.info -> http://www.1337crew.info
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\136136.net -> down.136136.net
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\150freesms.de -> http://www.150freesms.de
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\171203.com -> 171203.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\17concepts.info -> http://www.17concepts.info
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1800searchonline.com -> http://www.1800searchonline.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\180searchassistant.com -> http://www.180searchassistant.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\180solutions.com -> bis.180solutions.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1987324.com -> http://www.1987324.com
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1gb.ru -> people.1gb.ru
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1ghporn.info -> http://www.1ghporn.info
IE restricted site: HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\1importantiamreal.com -> http://www.1importantiamreal.com
There are 7842 more sites.

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" Folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C920335-0E62-4A44-9514-F93B59EF6A08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C920335-0E62-4A44-9514-F93B59EF6A08}" => removed successfully
C:\Windows\System32\Tasks\{02E7D422-0A7D-46A9-900C-BE172CFE1ADD} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{02E7D422-0A7D-46A9-900C-BE172CFE1ADD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{378E8122-46B7-4FF3-B10C-1A9244A80021}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{378E8122-46B7-4FF3-B10C-1A9244A80021}" => removed successfully
C:\Windows\System32\Tasks\{1D4B9533-9B47-4633-ABF8-5913524D40A7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1D4B9533-9B47-4633-ABF8-5913524D40A7}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6C61DDB-75E5-4582-827B-48EC27633CDE} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6C61DDB-75E5-4582-827B-48EC27633CDE} => removed successfully
C:\Windows\System32\Tasks\{3BB29E29-89E2-4D7E-87D1-20C4E5C58DBA} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BB29E29-89E2-4D7E-87D1-20C4E5C58DBA} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F7A154A-A664-4687-B613-CE242777D14C} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F7A154A-A664-4687-B613-CE242777D14C} => removed successfully
C:\Windows\System32\Tasks\{7021D46B-A7A0-4450-9A63-04629FDB7890} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7021D46B-A7A0-4450-9A63-04629FDB7890} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F6A7438-8F2D-482F-BB36-AEC4DB23F04D} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F6A7438-8F2D-482F-BB36-AEC4DB23F04D} => removed successfully
C:\Windows\System32\Tasks\{741FC4DC-37F7-4AB2-B68F-6A84FF976976} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{741FC4DC-37F7-4AB2-B68F-6A84FF976976} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73AE571F-BC46-409B-B6F6-A6684B15A651} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73AE571F-BC46-409B-B6F6-A6684B15A651} => removed successfully
C:\Windows\System32\Tasks\{79E5A4C2-617A-47E6-9E1D-40A01B2E34E6} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{79E5A4C2-617A-47E6-9E1D-40A01B2E34E6} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE5264F2-B73B-4624-AEA3-07744B6A318D} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE5264F2-B73B-4624-AEA3-07744B6A318D} => removed successfully
C:\Windows\System32\Tasks\{91873097-9570-4935-A5BD-A587293D815C} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{91873097-9570-4935-A5BD-A587293D815C} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8CEF72E-9249-4C5A-8E83-D4273B097038}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8CEF72E-9249-4C5A-8E83-D4273B097038}" => removed successfully
C:\Windows\System32\Tasks\{A2222AAB-28A5-4926-A207-781DB4573E71} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A2222AAB-28A5-4926-A207-781DB4573E71}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7702DA08-3D66-4576-8A93-B3C28B20C69C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7702DA08-3D66-4576-8A93-B3C28B20C69C}" => removed successfully
C:\Windows\System32\Tasks\{BEE85EDE-72F1-479E-9520-9B460B819221} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BEE85EDE-72F1-479E-9520-9B460B819221}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10FEBC30-8818-4A65-8C07-F426B6B9AF86} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10FEBC30-8818-4A65-8C07-F426B6B9AF86} => removed successfully
C:\Windows\System32\Tasks\{CC1E3A4C-4674-4791-82ED-E0CC37CAE6F2} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC1E3A4C-4674-4791-82ED-E0CC37CAE6F2} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1E94BB2-E773-4275-853F-EE11B268F220}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1E94BB2-E773-4275-853F-EE11B268F220}" => removed successfully
C:\Windows\System32\Tasks\{CC39261F-A5FF-4DAF-A529-5FA5B3A9D27E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CC39261F-A5FF-4DAF-A529-5FA5B3A9D27E}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA10E55E-68D6-4C48-AEBD-89C6EE90C742} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA10E55E-68D6-4C48-AEBD-89C6EE90C742} => removed successfully
C:\Windows\System32\Tasks\{CF7222DB-83A4-4D01-A7CF-CA483951D7D5} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CF7222DB-83A4-4D01-A7CF-CA483951D7D5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3A7D4C3-0038-4E3C-961D-93EAF04F2BE5} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3A7D4C3-0038-4E3C-961D-93EAF04F2BE5} => removed successfully
C:\Windows\System32\Tasks\{D6D98709-5979-4818-B7DF-7C5A0297ABCC} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D6D98709-5979-4818-B7DF-7C5A0297ABCC} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{250AECC2-1410-4D61-B8DF-4C3A998CFFB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{250AECC2-1410-4D61-B8DF-4C3A998CFFB5}" => removed successfully
C:\Windows\System32\Tasks\{FF292F72-3998-413C-84E2-CFD64D2E1FED} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF292F72-3998-413C-84E2-CFD64D2E1FED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F9C04323-6504-45FB-A0BA-C7FBF1EA1818}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9C04323-6504-45FB-A0BA-C7FBF1EA1818}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33F92772-5A9F-4195-9F89-583C17EC9E23}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33F92772-5A9F-4195-9F89-583C17EC9E23}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ccjleegmemocfpghkhpjmiccjcacackp => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully

"C:\Users\Martys\AppData\Local\AVG" Folder move:

C:\Users\Martys\AppData\Local\AVG => moved successfully

"C:\Program Files (x86)\AVAST Software" Folder move:

C:\Program Files (x86)\AVAST Software => moved successfully

"C:\Users\Martys\AppData\Roaming\AVG" Folder move:

C:\Users\Martys\AppData\Roaming\AVG => moved successfully
CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt1" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt2" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt3" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt4" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt5" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt6" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt7" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\"DropboxExt8" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
"HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}" => removed successfully
"HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123topsearch.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\125sms.co.uk => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\125sms.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12w.net => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\132.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1337-crew.to => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1337crew.info => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\136136.net => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\150freesms.de => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163ns.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17-plus.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\171203.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17concepts.info => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1800searchonline.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180searchassistant.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1987324.com => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1gb.ru => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ghporn.info => removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1importantiamreal.com => removed successfully
Virusscan: C:\Windows\system32\icarus_rvrt.exe => https://virusscan.jotti.org/filescanjob/zenrx0fyje
There are 7844 more sites. => Error: No automatic fix found for this entry.
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\123topsearch.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\125sms.co.uk => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\125sms.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\12w.net => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\132.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1337-crew.to => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1337crew.info => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\136136.net => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\150freesms.de => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\163ns.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17-plus.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\171203.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\17concepts.info => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1800searchonline.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180searchassistant.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\180solutions.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1987324.com => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1gb.ru => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1ghporn.info => removed successfully
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1importantiamreal.com => removed successfully
There are 7842 more sites. => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 81139887 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 607977901 B
Windows/system/drivers => 756711 B
Edge => 0 B
Chrome => 465145013 B
Firefox => 53592263 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 66548 B
LocalService => 66548 B
NetworkService => 66548 B
Martys => 28432902 B
UpdatusUser => 28432902 B

RecycleBin => 272846163 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:11:58 ====
CPU AMD Athlon X4 740 Quad Core Processor 3.2 GHz, 4 GB RAM, GPU NVIDIA GeForce GT 630, Windows 7

jaro3
Security team member
Guru Level 15
Posts: 43273
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Please check my log, thank you

Post by jaro3 » 20 Mar 2025 20:40

That will be it. How is the PC doing now?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log, thank you

Post by Marťan » 21 Mar 2025 16:07

Like this. Even though the PC is an old-timer by now, everything runs briskly for me; I mostly use it only for the internet and for the Strongholds :D . I mostly had problems only when I was online. For example, I would click on Novinky on Seznam, want to open some page, and Norton would pop up and block the page, and so on. So it's better not to download those game ROMs?
One more question: for a long time now, in Accessories, where the programs that come with Windows are, such as Notepad etc., the Paint program has simply disappeared from there. It's not that I need it so badly, but I have no idea why it disappeared.
Write the next steps, whether that's everything or what to do and how. Thanks a lot.


Re: Please check my log, thank you

Post by Marťan » 21 Mar 2025 16:26



Re: Please check my log, thank you

Post by jaro3 » 21 Mar 2025 19:18

Download OTL by OldTimer
https://www.bleepingcomputer.com/download/otl/

to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
http://www.geekstogo.com/forum/topic/27 ... er-listit/


Re: Please check my log, thank you

Post by Marťan » 25 Mar 2025 19:12

OTL Extras logfile created on: 25.3.2025 18:05:20 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martys\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.19399)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

11,95 Gb Total Physical Memory | 8,01 Gb Available Physical Memory | 67,03% Memory free
23,89 Gb Paging File | 19,13 Gb Available in Paging File | 80,10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 23,22 Gb Free Space | 11,90% Space Free | Partition Type: NTFS
Drive D: | 698,94 Gb Total Space | 78,02 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 61,63 Mb Free Space | 61,63% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 61,63 Mb Free Space | 61,63% Space Free | Partition Type: NTFS
Drive H: | 195,21 Gb Total Space | 195,12 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 736,20 Gb Total Space | 20,90 Gb Free Space | 2,84% Space Free | Partition Type: NTFS

Computer Name: MARTYS-PC | User Name: Martys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Winamp SA)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Winamp SA)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Winamp SA)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Winamp SA)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Winamp SA)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Winamp SA)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069D3064-66FE-49C4-96F0-46084D93DE00}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{07B6D24D-DDFF-4975-965E-609B697363B0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0A8FA521-B2AB-44FA-ADDC-9D06FB2E3361}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0E0351FE-8E7C-42D4-AA70-6603FC1E163D}" = rport=445 | protocol=6 | dir=out | app=system |
"{194E8FC5-B049-4A9A-B725-1C68B7C3409D}" = lport=137 | protocol=17 | dir=in | app=system |
"{1BCBF5B6-5B7F-404A-8466-AF684F4438AD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{23B8015C-85F8-411E-986B-19905D02509B}" = rport=138 | protocol=17 | dir=out | app=system |
"{321CFF63-F914-4DAB-BEDA-95098A89DE70}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{453C716F-E6CC-4BF9-8BCD-DD554334A64F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45A87B17-2F60-404F-93C0-DBC8FF7747A3}" = lport=445 | protocol=6 | dir=in | app=system |
"{4785E42B-20EC-4A43-96D2-D107F44A7CFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{519A56FC-10E8-4528-8D29-F50AE74E2942}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5350A2CF-2263-454F-90E8-762C48E8A95A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{55FDF157-6BD8-4B6F-8C3C-B33DA8CFDC95}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5EECABF7-6C57-4FA1-BC86-7FD31B985B81}" = lport=138 | protocol=17 | dir=in | app=system |
"{663B1725-6D24-4E45-A63D-3333C58E0811}" = lport=8743 | protocol=6 | dir=in | name=allshareframeworkdms action tcp port |
"{73B780C4-93E4-4AEA-A4CE-7B6A75F77DB9}" = lport=7900 | protocol=6 | dir=in | name=allshareframework dms service udp port2 |
"{793E2A45-4B9C-49CB-8F84-AE0509D44A28}" = lport=24234 | protocol=6 | dir=in | name=allshareframework dms service udp port1 |
"{798856CF-8B6A-4030-BA42-167DE47233A6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{81B59487-3BED-424C-B8B3-6ED80CB398B7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{820D2491-11C6-4855-AA79-D35D0245C17A}" = lport=8643 | protocol=6 | dir=in | name=allshareframeworkdms event tcp port |
"{932694FC-97FC-4366-ADCC-E79C0CB5E6E7}" = lport=1900 | protocol=6 | dir=in | name=upnp multicast port |
"{9F6700C7-CA18-4EA9-8FE3-AE64155C6CB2}" = rport=139 | protocol=6 | dir=out | app=system |
"{A668C0AA-A76F-4D12-BE7F-5346CAC278E2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{A860DF7B-6EFD-4456-9579-A0CE286C323D}" = lport=7679 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port2 |
"{B9ADDDDC-6426-4EC7-9CDB-39D1C42B172D}" = lport=7676 | protocol=6 | dir=in | name=allshareframeworkdms service tcp port1 |
"{CD8D58E7-37A7-478D-8B43-FEE8A3BB1D73}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D01D8F9D-B44C-4086-96AE-7BF55541C4B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D23EE272-48BC-4931-916F-89C460527717}" = lport=139 | protocol=6 | dir=in | app=system |
"{D67AEFE0-766F-45EE-9FDB-990F0FD2707A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E77B4D99-3ED6-4540-A6DF-F42CA293D709}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F354266C-C254-4DB4-A46A-4C8DFCA8E71D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{FD49FA4F-7DED-459E-A136-35F169C32566}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0012D02F-37A3-4C36-83C0-5128BFA0DAE3}" = protocol=6 | dir=in | app=c:\program files\softdeluxe\free download manager\fdm.exe |
"{016D3B7C-075F-46F6-9703-1CC62D11B015}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\ngstudio.exe |
"{0342459C-0259-408A-BAC4-9FDFA27B2333}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{053E050C-BA63-4872-90C0-CCEF4A97250E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\stronghold\stronghold.exe |
"{0617F6AE-BA01-4C6A-A1C2-474918F24978}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{0623A31F-EB83-48D1-8099-DB9C36765BFC}" = protocol=1 | dir=in | name=pingplotter 5 allow icmp for udp ping |
"{0D3F1314-F455-4AF6-8EC6-A2AFAC70F8C7}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{0DD62779-1312-45EE-BF65-BED134A054C9}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0FC75816-F412-4FC2-AC45-2BFD3730F89A}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{113BFDB8-C236-4CA3-8E8B-886394F4839D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{132F5965-E0C0-431D-8C8C-82315DBACC7A}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{133072F4-BCD5-48D4-8406-4E73C628D8C1}" = protocol=17 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{16F431F0-E927-4250-9E61-6EA6F710D265}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1808DD23-8C30-499C-8A56-2DB2214F824D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{19D52879-0A28-4927-9E4E-C38799D249C7}" = protocol=6 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{1CDBE6C9-80CD-44C5-ACB2-5EE7F490BD1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FA44204-01B0-4EBE-9503-56C9D1883DBC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1FA64ADD-23AC-432F-BA0B-AFC111667F5D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{21507C46-0B33-4307-879A-5291D49629AF}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{21DB1409-B950-4EA4-816C-28D204D2C920}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |
"{24B14A3A-E508-4430-83DD-48E7DD11F097}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25872C52-A6D7-4BA9-9246-A643B3488245}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{261D535B-369E-47FE-917B-A1D024CA38FA}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{2AAC05D0-1B27-41B4-BDD5-7A90F536F321}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{2E1DDE0F-F31B-4BB2-9215-CC0C6A8E273B}" = protocol=6 | dir=out | app=system |
"{32CC3A95-8F79-4162-8E70-C35DF16E81BD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\kholat\kholat.exe |
"{34E8F699-DDF0-4CC5-9DCE-5CD9A6051990}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35461BBE-D827-4D61-827D-119908F4205D}" = protocol=17 | dir=in | app=d:\hry\assassin's creed\assassinscreed_dx9.exe |
"{3C6C1DA9-13E5-4F25-ABCB-AEDA2FADBD2F}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{40020B8A-C87D-4074-871C-8FB7CD5D5ACD}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{4699E165-CC19-4305-81F2-1770B574B732}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4A595E10-BB9D-4E0D-B56E-0EC1A8396834}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{4E8B28A2-78C9-4988-B222-A6748CEF90C5}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\ngstudio.exe |
"{4EBE6DE0-62CC-4223-A741-41E109801CC9}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{50A4B1DB-FC9C-4137-8082-1D31668BC9F2}" = protocol=6 | dir=in | app=c:\program files\softdeluxe\free download manager\fdm.exe |
"{50D4BBA3-53C5-472F-9D90-2DB06B841880}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{520CE306-AAF9-46CE-9A4F-E8896AB3DA40}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{561C55AD-869E-493D-B037-9332EEE49AEC}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{59B88E00-92B9-446F-B63C-0FF7B00EAB3D}" = protocol=17 | dir=in | app=c:\program files\softdeluxe\free download manager\fdm.exe |
"{5E7F8366-02C5-43F9-85B6-8D63FA890FED}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{5EBD5FF2-D64B-480E-8785-9BADF6346D4B}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\rm.exe |
"{6785CE28-2FA6-48E2-B35D-B23DB4E75FA5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{68658347-E667-433C-B6EB-CAAAF5D2118B}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{69A02064-AE4B-41AB-BE6F-106459C7D8F5}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{6D1DC928-D861-46D5-AE34-A57C909E22DC}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{72108FCE-141B-4BD6-B631-0A3045E5713A}" = protocol=17 | dir=in | app=d:\hry\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{72A1DF7C-E4F4-40AF-A2B6-98F2F2120AB9}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{734FD1DE-1BCC-4DA8-8373-A151FDC14792}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{73879E5C-4716-4C23-AA79-054D193C4C51}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{75F0E797-7D4D-4F2B-B140-9342D7540EB5}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\ai suite ii.exe |
"{7676BB09-919E-4B24-A213-88E765B7B9EA}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{785629F1-A796-48B4-9C59-FA7EC401A9FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\kholat\kholat.exe |
"{7963FFF4-F688-419E-B595-3BCA25ADBAA4}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{7C4328A3-8E0C-4733-A3A7-30746886CFB0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7F7E21B8-81AC-45AA-A7E9-954449BA5B1A}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\umi.exe |
"{813F8A08-B65C-4144-BFA4-67895DB95BD2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{82340C4B-8569-4D7B-A101-D407BE1D55B2}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{85F380F9-0059-4B61-9D33-6497EE7B5783}" = dir=in | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{86E0293E-ED0C-4DF8-B0FC-83500B54D523}" = protocol=6 | dir=in | app=d:\hry\assassin's creed\assassinscreed_dx10.exe |
"{890D6F0B-5A23-4029-9FF4-2B20ABDA9F6B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{8A46BFA2-6884-458F-8394-364CCAD887F8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steam.exe |
"{8EE695AC-CF18-449F-ADB5-C1B22B11B22A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9019CF02-5988-4C2B-B208-6A51B1B4CEB7}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{91E5D3B6-3ACB-4A14-B256-F5ABF6A973D0}" = protocol=17 | dir=in | app=d:\hry\assassin's creed\assassinscreed_dx10.exe |
"{96BA9243-EE8E-44E9-9974-AB3C5FBA2AA8}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{990701EF-2847-4A93-8801-1B83E38EF8B2}" = dir=in | app=c:\program files\samsung\samsung link\samsung link.exe |
"{9C744B39-4377-40ED-928A-2BC594C32A2B}" = protocol=6 | dir=in | app=d:\hry\stronghold crusader extreme hd\stronghold crusader.exe |
"{A4D07018-7121-42FD-9CE6-0E66B7463D10}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ABA0D462-E33B-4644-A005-EEEEC69215CB}" = dir=in | app=c:\windows\syswow64\tcpsvcs.exe |
"{AD4ECF65-22A1-404D-AA9C-0F96A17EDF2E}" = protocol=17 | dir=in | app=c:\program files\softdeluxe\free download manager\fdm.exe |
"{AF0DE91E-74AD-45F6-84E1-3057FD3DE07D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\bin\cef\cef.win7x64\steamwebhelper.exe |
"{B059A4DD-A731-4B83-96D5-F487FCC2AAEC}" = protocol=6 | dir=in | app=d:\hry\assassin's creed\assassinscreed_launcher.exe |
"{B251686A-2332-44A9-B56B-EC3A139DF4B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B2978825-7FFF-4F70-A464-1FD0D14506D5}" = protocol=6 | dir=in | app=c:\program files\norton\suite\nortonui.exe |
"{B5F83384-50FA-43B5-A4B5-3B2EFE4CD196}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{B8DCFDC7-36B6-4046-8C70-5753EBF66E99}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BC3EB520-C433-4F3A-9ACE-63E69CDD7DBB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\bin\cef\cef.win7x64\steamwebhelper.exe |
"{C2432971-7612-4769-855A-F891A1D79C0A}" = protocol=17 | dir=in | app=d:\hry\assassin's creed\assassinscreed_launcher.exe |
"{C246E5F5-03C1-41E7-B972-A108C046AE95}" = dir=out | app=c:\program files\samsung\samsung link\samsung link tray agent.exe |
"{C2966E56-2B80-4A7F-B479-F9CC8C5A0EF5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\stronghold crusader extreme\stronghold crusader.exe |
"{C331D153-88E2-4DF0-95AE-BCE8A2BF1132}" = protocol=6 | dir=in | app=d:\hry\assassin's creed\assassinscreed_dx9.exe |
"{C4CD9D8E-7C29-4D51-A735-3FB7CE6078FA}" = protocol=17 | dir=in | app=d:\hry\stronghold crusader extreme hd\stronghold crusader.exe |
"{C5452E04-8EA1-4900-B181-7CC666A885F6}" = protocol=17 | dir=in | app=d:\hry\steamlibrary\steamapps\common\half-life 2\hl2.exe |
"{C72CBE97-BBD0-497D-997A-A9DBD2690A0F}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\rm.exe |
"{CCBB63C5-25DC-436D-9F2A-824EB2B941CF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{CEB23868-26E2-4A12-8349-EB587DABD224}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D07C9FAF-E856-4559-974A-7A9845E2932E}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{D10C6282-C4D0-409C-9FF2-2DD96529C5AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D2CC72FA-2AA8-41D8-9A7C-8F67CE1E178A}" = protocol=6 | dir=in | app=d:\hry\steamlibrary\steamapps\common\half-life 2\hl2.exe |
"{D4C2511C-8689-49E2-A09D-4393DF37DBDD}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{D67938F0-F4F6-4CA1-8C38-63D7065C19B0}" = protocol=58 | dir=in | name=pingplotter 5 allow icmpv6 for udp ping |
"{D6C8A7E1-8312-4645-AE6D-5A81B67B2B89}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{DE277855-F591-4729-B961-7FA9C6C76B93}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{E2D27AF1-DBFD-4C5B-947A-2737F90AAB2D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\stronghold\stronghold.exe |
"{E4430B9C-4697-43EA-8D1B-D365C7242816}" = protocol=6 | dir=in | app=d:\hry\steamlibrary\steamapps\common\war thunder\launcher.exe |
"{E789E886-BED5-40EF-8143-7BC8E28E7C1E}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 17\programs\umi.exe |
"{E815334A-0B8C-4830-9581-C4E0E345B751}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ECA80055-0F99-406B-8A51-355AF15A5028}" = dir=out | app=c:\program files\samsung\samsung link\samsung link.exe |
"{EEC8AA9C-0CA6-488A-B6A1-AD9C94B3822A}" = dir=in | app=c:\program files\urbanvpn\bin\urbanvpn.exe |
"{F2F40EF7-5692-4121-A48F-9B895FD12FB6}" = protocol=17 | dir=in | app=c:\program files\norton\suite\nortonui.exe |
"{F41DC4BC-0BC7-4680-A3D9-A5AA13D7DD95}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F50DCDBA-6EB4-40A1-BFAB-A429F2AA1837}" = protocol=17 | dir=in | app=c:\program files\samsung\allshare framework dms\1.3.23\allshareframeworkdms.exe |
"{F7D99858-E7F7-43C7-AB54-5551CBA1A4F4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{223A7289-7FFA-40EF-B214-6590F6CF4A9C}D:\hry\steamlibrary\steamapps\common\war thunder\win64\aces.exe" = protocol=6 | dir=in | app=d:\hry\steamlibrary\steamapps\common\war thunder\win64\aces.exe |
"TCP Query User{95C4A88A-CC0F-4B6B-BE82-53713F941307}C:\program files (x86)\steam1\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe |
"TCP Query User{9F879E47-0820-48E8-925E-5205C4E8AAA8}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"TCP Query User{B19F7574-8E79-4485-BB04-6636555481C2}C:\program files\kodi\kodi.exe" = protocol=6 | dir=in | app=c:\program files\kodi\kodi.exe |
"TCP Query User{B96B24F0-5F00-47D1-87BB-045EFC8DB741}C:\program files\perfectplayer\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\perfectplayer\jre\bin\javaw.exe |
"UDP Query User{17F249AC-A947-45D9-BE84-6D94E16712FA}C:\program files (x86)\steam1\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam1\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe |
"UDP Query User{780A5C48-9650-48B3-A01C-26DFE2E648B2}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe |
"UDP Query User{B4903B3E-C299-4A5B-90B1-2C39FB1275AB}C:\program files\kodi\kodi.exe" = protocol=17 | dir=in | app=c:\program files\kodi\kodi.exe |
"UDP Query User{B8BE316A-E748-4B18-AC84-96F7F9D680BF}D:\hry\steamlibrary\steamapps\common\war thunder\win64\aces.exe" = protocol=17 | dir=in | app=d:\hry\steamlibrary\steamapps\common\war thunder\win64\aces.exe |
"UDP Query User{E18DCCBF-8C68-4169-A459-B98121D9578C}C:\program files\perfectplayer\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\perfectplayer\jre\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0A8A841B-29C4-4947-BF59-241216B4D904}" = Microsoft SQL Server Compact 4.0 x64 CSY
"{0C1D4CF2-5575-4786-834C-B0FC977E9714}}_is1" = Free Download Manager
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series" = Canon MP270 series MP Drivers
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{16735AF7-1D8D-3681-94A5-C578A61EC832}" = Microsoft .NET Framework 4.8
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}" = Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 5.2.8.173
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}" = Microsoft .NET Framework 4.8 (CSY)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{59490235-997B-40C5-A1C3-75753D52B3E8}" = Windows 7 Manager
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{73DC7680-5D9C-4761-A348-EB2227D2D9D9}_is1" = Perfect Player version 1.1.0
"{77724AE4-039E-4CA4-87B4-2F64180441F0}" = Java 8 Update 441 (64-bit)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83232C27-8C3F-44A5-9EB2-BB7161228ADD}" = AllShare Framework DMS
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A837C47-2B21-4FDF-8370-41A1EB6A26E8}" = Microsoft Xbox 360 Accessories 1.1
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.8 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.8
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AD2B0230-7DFC-E8C6-D1F9-0C946101DF27}" = AMD Catalyst Install Manager
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 431.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 431.36
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.38.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NVIDIA Telemetry Client
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{C17A08BC-380B-4EF5-BF19-0DBCBA28FC47}" = UrbanVPN
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{CFF1450F-71E9-4286-82AE-99E6D797CAD3}" = Speedtest by Ookla
"{E528AD94-12D7-42C4-91A3-908BE28E9BD2}" = Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438
"{EECB2736-D013-5AC5-9917-7656712F6931}" = Java 10.0.2 (64-bit)
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"8474-7877-9059-0204" = Samsung Link 2.0.0.1603031617
"8B3D7924-ED89-486B-8322-E8594065D5CB_is1" = Adlice Protect version 16.1.1.0
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.68
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"CrystalDiskInfo_is1" = CrystalDiskInfo 9.6.2
"CrystalDiskMark_is1" = CrystalDiskMark 3.0.2f
"Defraggler" = Defraggler
"HWiNFO64_is1" = HWiNFO64 Version 4.36
"Logitech Gaming Software" = Logitech Gaming Software 9.02
"Mozilla Firefox 115.21.0 ESR (x64 cs)" = Mozilla Firefox ESR (x64 cs)
"Mozilla Firefox 115.21.0 ESR (x64 en-US)" = Mozilla Firefox ESR (x64 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Norton 360" = Norton 360
"PotPlayer64" = PotPlayer-64 bit
"PPSSPP_is1" = PPSSPP
"Puran File Recovery_is1" = Puran File Recovery 1.2
"Steam App 343710" = KHOLAT
"Steam App 40950" = Stronghold HD
"Steam App 40970" = Stronghold Crusader HD
"TAP-Windows" = TAP-Windows 9.24.2
"Total Uninstall 6_is1" = Total Uninstall 6.1.0
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"UrbanVPN 2.3.0.3" = UrbanVPN
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CF7D22B-977C-43B2-9219-E03017FBAC6D}" = Nero Recode Help (CHM)
"{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23daf363-3020-4059-b3ae-dc4ad39fed19}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 6.22
"{28B758EA-5C83-48B1-B352-C70F12C73F5A}" = FFB Racing Wheel drivers
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2C46D3D4-44A5-42B8-948F-F970EE7362F3}" = PingPlotter 5
"{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}" = LightScribe System Software
"{323dad84-0974-4d90-a1c1-e006c7fdbb7d}" = Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{36DA8969-4DCD-48FF-894A-6BD3936050C3}" = Nero Blu-ray Player Help (CHM)
"{3DA8F808-72E2-4361-82EC-433081D23005}" = Pinnacle Studio 17
"{40E51513-D917-4563-84F6-4EF6ADD46E2F}" = Nero Recode
"{49BE9B8A-E858-4533-A74A-64306C13DB59}" = ASUS Product Register Program
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CA46F9F-174C-4766-9EA2-2325DF414B9E}" = Nero Express Help (CHM)
"{4DB136AF-389B-4A34-AE34-50123559D08E}" = Nero MediaHome
"{511B5F54-CB1D-4F5B-BE0E-09B1D86BE586}" = Nero Video
"{5446D3AF-B060-49B6-9535-F300E1532022}" = Nero Video Help (CHM)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{581DCE84-1948-4891-A4A7-A1222CC137C5}" = Nero RescueAgent
"{5909A89E-C97F-407C-AE2B-47BDED86BF5D}" = Prerequisite installer
"{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1" = Pinnale Systems Software Keys
"{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6b384f34-10c8-4c10-ba08-345168bda7e8}" = Horizon
"{6BCA2AC7-7BC2-4011-BE10-143BDFD43D6C}" = Horizon
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72CE541B-52BD-4FA1-8CD6-19341939AB21}" = Richard Burns Rally
"{74CECDD9-4B8E-4AE3-9571-8070A17F3C34}" = EZCast
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{75CA8AAE-5346-4312-A9A8-5CF89955930F}" = Nero MediaHome Help (CHM)
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{851CBB1E-B981-4944-B251-4869070D8E9C}_is1" = ESmokerStudio version 1.3.0.4
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A03241E-7A3C-401D-B0CE-B3096F50AE6F}" = LightScribe Template Labeler
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9642EA87-3714-49A6-9E70-325CB18E6DE5}" = Nero 2014
"{979B748C-6095-4A5A-BC7B-C15E720529D6}" = PCMSCAN
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9CCC78EF-027E-40E0-9B61-39932C65E3FE}" = Acronis Disk Director Home
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}" = SD Card Formatter
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-0804-1033-1959-018244601108}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{B03B98E3-2795-48F6-BA33-793BBF5DF685}" = SMI Grabber Device
"{B166374C-105E-445E-8E5D-A86CA5742645}" = Nero Burning Core
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B48BFBB8-01E5-4011-B204-A4A86949EC92}" = LightScribe Diagnostic Utility
"{b49c10dd-4d54-45f8-ad13-fa25704456a4}" = Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{BB285C9F-C821-4770-8970-56C4AB52C87E}" = Skype Click to Call
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{BFF23267-1D19-444E-93E2-E5059BE805EA}" = Dazzle Video Capture DVC100 X64 Driver 1.06
"{C03E2FB3-250B-44A1-8B9E-61DFCD544133}" = Nero Disc to Device
"{C1EA3034-6A86-4C18-A91F-SPSOTCZ7E0FE}_is1" = Čeština do hry South Park: Klacek Pravdy verze 1.0
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}" = Nero ControlCenter Help (CHM)
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{CE17A4F4-F6C1-4876-AE7A-53210A0CCBB2}_is1" = Image ReSizer 1.6
"{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1" = VSO ConvertXToDVD
"{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}" = Nero Launcher
"{D5C69738-B486-402E-85AC-2456D98A64E4}" = Pomocník s aktualizací Windows 10
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E1AA8B0F-1176-36F1-8A91-AA19CF39C2F6}" = Google Chrome
"{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}" = MultiScreen
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}" = Nero Express
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}" = Nero Burning ROM
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F69D4104-5394-4F7C-801C-D96DC92E7F69}" = Nero RescueAgent Help (CHM)
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA78CC15-9F90-443B-BA61-A66595F06432}" = Nero Burning ROM Help (CHM)
"{P893DDDC1-FEB1-41A9-AF3F-FB9AEBB3B2D4}_is1" = RBRPro 2021 Update 2
"4K Video Downloader_is1" = 4K Video Downloader 4.2
"abgx360" = abgx360 v1.0.6
"AMCap" = AMCap
"Any Audio Converter_is1" = Any Audio Converter 5.9.3
"Any Video Converter Professional_is1" = Any Video Converter Professional 6.2.1
"AORUS ENGINE_is1" = AORUS ENGINE
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CDex" = CDex - Open Source Digital Audio CD Extractor
"coverXP" = coverXP (remove only)
"DAEMON Tools Lite" = DAEMON Tools Lite
"DupDetector_is1" = DupDetector 3.302
"DVD Decrypter" = DVD Decrypter (Remove Only)
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Easy-WebPrint EX" = Canon Easy-WebPrint EX
"EAX Unified" = EAX Unified
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50
"GOGPACKALANWAKE_is1" = Alan Wake
"GOGPACKCAESAR3_is1" = Caesar 3
"GOGPACKSTRONGHOLDCRUSADERHD_is1" = Stronghold Crusader Extreme HD
"HD Tune_is1" = HD Tune 2.55
"Hi Suite" = HiSuite
"ImgBurn" = ImgBurn
"InstallShield_{72CE541B-52BD-4FA1-8CD6-19341939AB21}" = Richard Burns Rally
"KLiteCodecPack_is1" = K-Lite Codec Pack 18.8.0 Basic
"Mafia Game" = Mafia Game
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.3.2.8
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"MozBackup" = MozBackup 1.5.1
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Mp3tag" = Mp3tag v2.99
"My Pictures 3D_is1" = My Pictures 3D 1.1
"My Pictures Editor_is1" = Photo! 3D Album and Photo! 3D ScreenSaver 1.2
"OCCT" = OCCT 4.4.0
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Origin" = Origin
"PandoraRecovery" = PandoraRecovery (Remove Only)
"PC HelpSoft Driver Updater_is1" = PC HelpSoft Driver Updater v5.5.590
"pcsx2" = PCSX2 - Playstation 2 Emulator
"PingPlotter 5 5.5.4.3687" = PingPlotter 5
"Registrace uživatele zařízení Canon MP270 series" = Registrace uživatele zařízení Canon MP270 series
"SpeedFan" = SpeedFan (remove only)
"Steam" = Steam
"TeamViewer" = TeamViewer
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"VLC media player" = VLC media player
"Webshare klient" = Webshare klient
"Winamp" = Winamp
"winscp3_is1" = WinSCP 6.3.7
"WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 8.22.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"5eb047b50256dffc70bd2c5eafff4b21" = Archiv – TV ŠALINGRAD
"Discord" = Discord
"GameRanger" = GameRanger
"Kodi" = Kodi

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25.3.2025 12:47:56 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AllShareFrameworkDMS.exe, verze: 1.3.0.23,
časové razítko: 0x52b52bb2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24499,
časové razítko: 0x5d011861 Kód výjimky: 0xc0000005 Posun chyby: 0x0002e466 ID chybujícího
procesu: 0x4f0 Čas spuštění chybující aplikace: 0x01db9da5a7994d85 Cesta k chybující
aplikaci: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: e695ec9a-0998-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:48:01 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AllShareFrameworkDMS.exe, verze: 1.3.0.23,
časové razítko: 0x52b52bb2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24499,
časové razítko: 0x5d011861 Kód výjimky: 0xc0000005 Posun chyby: 0x0002e466 ID chybujícího
procesu: 0x1404 Čas spuštění chybující aplikace: 0x01db9da5ab30b28b Cesta k chybující
aplikaci: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: e9a0c701-0998-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:48:08 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AllShareFrameworkDMS.exe, verze: 1.3.0.23,
časové razítko: 0x52b52bb2 Název chybujícího modulu: DMSManager.dll, verze: 0.0.0.0,
časové razítko: 0x52a81842 Kód výjimky: 0xc0000005 Posun chyby: 0x0001d30e ID chybujícího
procesu: 0x2298 Čas spuštění chybující aplikace: 0x01db9da5ad986cbf Cesta k chybující
aplikaci: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
Cesta
k chybujícímu modulu: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
ID
zprávy: ed6026fd-0998-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:48:12 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AllShareFrameworkDMS.exe, verze: 1.3.0.23,
časové razítko: 0x52b52bb2 Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24499,
časové razítko: 0x5d011861 Kód výjimky: 0xc0000005 Posun chyby: 0x0002e466 ID chybujícího
procesu: 0x2344 Čas spuštění chybující aplikace: 0x01db9da5b1317f7c Cesta k chybující
aplikaci: C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
Cesta
k chybujícímu modulu: C:\Windows\SysWOW64\ntdll.dll ID zprávy: eff92b1a-0998-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:48:40 | Computer Name = Martys-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 25.3.2025 12:48:41 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Malwarebytes.exe, verze: 5.0.0.1111, časové
razítko: 0x65d50000 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24499,
časové razítko: 0x5d0115f1 Kód výjimky: 0xe0434352 Posun chyby: 0x000000000000b87d
ID
chybujícího procesu: 0x193c Čas spuštění chybující aplikace: 0x01db9da5bc78a042 Cesta
k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 01071c38-0999-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:49:01 | Computer Name = Martys-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 25.3.2025 12:49:01 | Computer Name = Martys-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Malwarebytes.exe, verze: 5.0.0.1111, časové
razítko: 0x65d50000 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24499,
časové razítko: 0x5d0115f1 Kód výjimky: 0xe0434352 Posun chyby: 0x000000000000b87d
ID
chybujícího procesu: 0x275c Čas spuštění chybující aplikace: 0x01db9da5c8697105 Cesta
k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
Cesta
k chybujícímu modulu: C:\Windows\system32\KERNELBASE.dll ID zprávy: 0d34cfce-0999-11f0-b11c-08606e84c30d

Error - 25.3.2025 12:57:41 | Computer Name = Martys-PC | Source = Firefox Default Browser Agent | ID = 458839
Description =

Error - 25.3.2025 13:01:21 | Computer Name = Martys-PC | Source = Firefox Default Browser Agent | ID = 458839
Description =

[ Media Center Events ]
Error - 29.3.2014 13:37:46 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:37:46 - Chyba při připojování k Internetu 18:37:46 - Nelze kontaktovat
server..

Error - 29.3.2014 13:37:57 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:37:51 - Chyba při připojování k Internetu 18:37:51 - Nelze kontaktovat
server..

Error - 8.4.2014 13:47:50 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 19:47:50 - Chyba při připojování k Internetu 19:47:50 - Nelze kontaktovat
server..

Error - 8.4.2014 14:51:11 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 19:48:19 - Chyba při připojování k Internetu 19:48:19 - Nelze kontaktovat
server..

Error - 19.4.2020 12:15:11 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:15:11 - Načtení položky Directory se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 19.4.2020 12:15:13 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:15:13 - Načtení položky ClientUpdate se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 19.4.2020 12:15:15 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:15:14 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 19.4.2020 12:15:16 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:15:16 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

Error - 19.4.2020 12:15:20 | Computer Name = Martys-PC | Source = MCUpdate | ID = 0
Description = 18:15:17 - Načtení položky Broadband se nezdařilo. (Chyba: Nadřízené
připojení bylo uzavřeno: Došlo k neočekávané chybě při odeslání.)

[ System Events ]
Error - 22.3.2025 4:50:10 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (60000 ms).

Error - 22.3.2025 4:50:10 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 23.3.2025 12:36:27 | Computer Name = Martys-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 40.

Error - 23.3.2025 12:36:27 | Computer Name = Martys-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 40.

Error - 23.3.2025 12:37:32 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (60000 ms).

Error - 23.3.2025 12:37:32 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053

Error - 25.3.2025 12:46:09 | Computer Name = Martys-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 40.

Error - 25.3.2025 12:46:10 | Computer Name = Martys-PC | Source = Schannel | ID = 36887
Description = Byla přijata následující výstraha o závažné chybě: 40.

Error - 25.3.2025 12:47:15 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (60000 ms).

Error - 25.3.2025 12:47:15 | Computer Name = Martys-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053


< End of report >
CPU AMD Athlon X4 740 Quad Core Processor 3.2 GHz, 4 GB RAM, GPU NVIDIA GeForce GT 630, Windows 7

Marťan
Level 2.5
Posts: 363
Registered: October 06
Location: Nový Jičín
Gender: Male

Re: Please check my log, thank you

Post by Marťan » 25 Mar 2025 19:15

The OTL log is long again, so I uploaded it here:
https://webshare.cz/#/file/6ORdPifHXm/otl-txt

jaro3
Security team member
Guru Level 15
Posts: 43273
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Please check my log, thank you

Post by jaro3 » 25 Mar 2025 22:28

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:[b]64bit:[/b] - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - Reg Error: Value error. File not found
O9:[b]64bit:[/b] - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - Reg Error: Value error. File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
@Alternate Data Stream - 205 bytes -> C:\ProgramData\TEMP:8927A071

:Files

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.


Drive C: | 195,21 Gb Total Space | 23,22 Gb Free Space | 11,90% Space Free | Partition Type: NTFS
Drive D: | 698,94 Gb Total Space | 78,02 Gb Free Space | 11,16% Space Free | Partition Type: NTFS
Drive E: | 100,00 Mb Total Space | 61,63 Mb Free Space | 61,63% Space Free | Partition Type: NTFS
Drive G: | 100,00 Mb Total Space | 61,63 Mb Free Space | 61,63% Space Free | Partition Type: NTFS
Drive H: | 195,21 Gb Total Space | 195,12 Gb Free Space | 99,95% Space Free | Partition Type: NTFS
Drive I: | 736,20 Gb Total Space | 20,90 Gb Free Space | 2,84% Space Free | Partition Type: NTFS

You should have at least 15-20% free space on every drive, especially on the system drive!

Run FRST once more.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Marťan
Level 2.5
Posts: 363
Registered: October 06
Location: Nový Jičín
Gender: Male

Re: Please check my log, thank you

Post by Marťan » 27 Mar 2025 17:25

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
ADS C:\ProgramData\TEMP:8927A071 deleted successfully.
========== FILES ==========
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Martys
->Temp folder emptied: 9334175569 bytes
->Temporary Internet Files folder emptied: 85101944 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 291 bytes

User: Public

User: UpdatusUser

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 748559 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 37198270078 bytes

Total Files Cleaned = 44 459,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 03272025_172059

Files\Folders moved on Reboot...
C:\Users\Martys\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Users\Martys\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_norton_\unp_low\AvLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\_norton_\AvLock.txt scheduled to be moved on reboot.
File\Folder C:\Windows\temp\_norton_\nsfsp00000001.tmp not found!
File\Folder C:\Windows\temp\_norton_\nsfsp00000002.tmp not found!
File\Folder C:\Windows\temp\_norton_\nsfsp00000003.tmp not found!
File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.
File\Folder C:\Windows\temp\hsperfdata_MARTYS-PC$\3956 not found!
C:\Windows\temp\sqlite-3.7.151-amd64-sqlitejdbc.dll moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Marťan
Level 2.5
Posts: 363
Registered: October 06
Location: Nový Jičín
Gender: Male

Re: Please check my log, thank you

Post by Marťan » 27 Mar 2025 17:42

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-03-2025
Ran by Martys (administrator) on MARTYS-PC (27-03-2025 17:32:45)
Running from C:\Users\Martys\Desktop\FRST64.exe
Loaded Profiles: Martys
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(C:\Program Files (x86)\Steam1\bin\cef\cef.win7x64\steamwebhelper.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner64.exe
(C:\Program Files (x86)\Steam1\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam1\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Logitech\SetPoint\SetPoint.exe ->) () [File not signed] C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(C:\Program Files\Logitech\SetPoint\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(C:\Program Files\Norton\Suite\NortonSvc.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\aswEngSrv.exe
(C:\Program Files\RogueKiller\RogueKillerSvc.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe ->) (Samsung Electronics CO., LTD. -> Samsung) [File not signed] C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\MultiScreen\MultiScreen.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(explorer.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam1\steam.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonUI.exe <4>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Acronis, Inc -> ) C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(services.exe ->) (ADLICE -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(services.exe ->) (Guillemot Recherche et Développement, Inc -> Thrustmaster®) C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.exe
(services.exe ->) (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\afwServ.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\AvDump.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\nllToolsSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\NortonSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> Gen Digital Inc.) C:\Program Files\Norton\Suite\VpnSvc.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\aswidsagent.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton\Suite\wsc_proxy.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> Samsung) [File not signed] C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(services.exe ->) (Skype Software Sarl -> Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (Ulead Systems, Inc.) [File not signed] C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(services.exe ->) (Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\fdm.exe
(taskeng.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(taskeng.exe ->) (Softdeluxe) [File not signed] C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe
(Urban Cyber Security Inc. -> ) C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NortonUI.exe] => C:\Program Files\Norton\Suite\AvLaunch.exe [457320 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-24] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\Run: [MultiScreen] => C:\Program Files (x86)\MultiScreen\MultiScreen.exe [303104 2009-08-11] () [File not signed]
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam1\steam.exe [4407392 2024-11-08] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45875504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\...\Run: [UrbanVPN] => C:\Program Files\UrbanVPN\bin\urbanvpn-gui.exe [24349272 2024-08-21] (Urban Cyber Security Inc. -> )
HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP270 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9X.DLL [28672 2010-04-24] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP270 series: C:\Windows\system32\CNMLM9X.DLL [336896 2010-04-24] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2011-06-20] (Hewlett-Packard Company -> Hewlett-Packard Company)
Startup: C:\Users\Martys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2011-01-02]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2014-03-08]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech -> Logitech, Inc.)
BootExecute: autocheck autochk * autopart.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E4DFB5F3-AFFB-4577-824A-D4CCCC8635A4} - System32\Tasks\{03076CF8-A72B-4A99-BB35-10ADFB71B3E9} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Martys\Desktop\XboxInstaller.exe -d C:\Users\Martys\Desktop
Task: {1C0D7379-486B-4699-9BCA-39E0194C260E} - System32\Tasks\{0D5AD854-6A76-4375-ADF2-3E85B88B73F3} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a H:\VAGCOM\KKL409.1.exe -d H:\VAGCOM
Task: {8AB15B42-CC78-4E33-A6C2-0A1285964BBB} - System32\Tasks\{18183E7D-7702-47B9-8544-5773EB6233BE} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a E:\monsetup.exe -d E:\
Task: {7EFB5A22-C172-4797-88E3-D0E2C10B94AE} - System32\Tasks\{1860A437-DC0A-4DF7-A62B-0E940CEF5768} => D:\Hry\South park\South Park The Stick of Truth\South Park - The Stick of Truth.exe [11033600 2014-03-04] (Obsidian Entertainment, Inc.) [File not signed]
Task: {A285EF4F-9AE9-433C-8D1C-2D29749577A5} - System32\Tasks\{3CC70417-BD38-4009-B990-9EFAA59B735F} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Martys\Downloads\CyberLink_PowerDVD_Downloader.exe -d C:\Users\Martys\Downloads
Task: {5931D626-571D-4369-A0F9-E4E77C09F4A3} - System32\Tasks\{4A39CFFF-9A7A-4FF4-BA48-B5245FAE3B81} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\Xbox360\Xbox Backup Creator\missingfilesetup.exe" -d "D:\Xbox360\Xbox Backup Creator"
Task: {EB8DF3D8-C6A0-4444-B1BF-19F614F26B76} - System32\Tasks\{4CAFB5C0-B418-4450-92C7-D6B782105BBF} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "D:\Dokumenty\Programy,instalačky\Video graber Ulead studio\Drivers\Setup.exe" -d "D:\Dokumenty\Programy,instalačky\Video graber Ulead studio\Drivers"
Task: {0EB99F56-CDFC-47F3-AD94-7C7A92612F7A} - System32\Tasks\{530CE87B-3538-4D62-B46B-91CAAB144F06} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a D:\Hry\Uninstaller.exe -d D:\Hry
Task: {283EA1A2-6DA1-45B2-81F8-9EDAEEC1EC6E} - System32\Tasks\{59E78EC6-2AD5-4DD5-BDAA-77EE738EF2FC} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a H:\NetFx20SP2_x86.exe -d H:\
Task: {F1EBD1ED-6BF3-447F-9FC6-1FBD665A8C7B} - System32\Tasks\{61AA5D65-951A-47A4-ACAC-43DFBA5AF182} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Martys\Downloads\XboxInstaller.exe -d C:\Users\Martys\Downloads
Task: {13A3936E-F466-4A8F-8AC2-16CFB6991172} - System32\Tasks\{63387DFF-E73D-4311-A874-D477A9DF6FFF} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a H:\NetFx20SP2_x64.exe -d H:\
Task: {29F45839-678C-45FF-A871-222FDE7B8B26} - System32\Tasks\{671DE18D-752E-4492-A3A2-5C82B5EB7600} => D:\Hry\South park\South Park The Stick of Truth\South Park - The Stick of Truth.exe [11033600 2014-03-04] (Obsidian Entertainment, Inc.) [File not signed]
Task: {900E7F2B-A887-4454-941A-9E0547F308C9} - System32\Tasks\{79899FCE-DB4E-4F27-8F2E-C70FE053AA25} => C:\Program Files (x86)\Pinnacle\Studio 17\programs\PinnacleStudio.EXE [192296 2013-11-07] (Corel Corporation -> Pinnacle)
Task: {2099636C-E9CC-4EF1-9AE9-740D899967A1} - System32\Tasks\{8365A4F8-C88F-4669-A52D-A1E85DE9AF22} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "F:\OBDII On PC software\scantool_net113win\scantool_net113win.exe" -d "F:\OBDII On PC software\scantool_net113win"
Task: {D62E688C-11DD-415C-B83C-54AB4BF7D0CE} - System32\Tasks\{DB89D46B-2FE5-4D7E-947A-AFD968C59458} => C:\Windows\System32\pcalua.exe [9728 2019-06-12] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe" -c -runfromtemp -l0x0409
Task: {2F04F5DC-C437-4455-9338-8775EEC471C9} - System32\Tasks\{EE360FCE-4198-4791-AE4F-741B2626D9E7} => D:\Hry\Mafia\Game.exe [2486272 2002-08-27] (Illusion Softworks) [File not signed]
Task: {4685C9D6-2BF5-42FA-B7DC-81C1D210C938} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {ADC875BF-01E0-4635-8D49-0F62834724C7} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {183DF7BC-039F-4664-A1FD-31957C2E8C7D} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2935424 2012-03-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {BFF03A3B-6426-44B2-BFBE-A26EE14B881F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {612DB5C0-0605-4109-AFD0-54A327DCA616} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6139696 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "57defbf6-70cd-4d12-a669-501b4e80a6a4" --version "6.34.0.11482" --silent
Task: {C72A5D8B-61A1-46C0-B3CA-C6373AE83855} - System32\Tasks\CCleanerSkipUAC - Martys => C:\Program Files\CCleaner\CCleaner.exe [39616304 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {C95FE4DB-C48C-42BF-BDD3-E492195EDE2C} - System32\Tasks\elevator_146642f81f761f5155bd3862a8b79c2f => D:\Hry\RBRPro\RBRProManager.exe [1029120 2021-02-22] (TGD Simware) [File not signed]
Task: {89DD84E3-83CC-4C71-B99E-B1040505D7CB} - System32\Tasks\FreeDownloadManagerHelperService => C:\Program Files\Softdeluxe\Free Download Manager\helperservice.exe [132096 2024-07-08] (Softdeluxe) [File not signed]
Task: {BFA30143-2CDC-42E1-ACFF-2C04F9D9D34D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {9057003C-7E97-4E53-A987-7EE575077315} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653648 2018-06-27] (Oracle America, Inc. -> Oracle Corporation)
Task: {7E4E05A7-ABC0-49C9-A04B-D02D283F0353} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2118144 2025-02-08] () [File not signed]
Task: {579256A2-B30F-436D-98B1-90CF3078BF25} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [684096 2025-03-07] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {78DD6804-7004-4363-9F96-5B12184EC326} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [725568 2025-02-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {93565479-7297-47CE-AC02-E93034BF76CB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [725568 2025-03-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {E8A6BC36-040D-42D7-BEB7-F58B75595487} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3227472 2013-08-20] (Nero AG -> Nero AG)
Task: {282DC89C-1417-4BE6-93EC-9610E7340876} - System32\Tasks\Norton\Norton 360 Patcher => C:\Program Files\Common Files\Norton\Icarus\norton-suite\icarus.exe [8803432 2025-02-26] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {96BBBA5A-B59F-40B3-B1A1-0646B6A3D4F0} - System32\Tasks\Norton\Norton VPN Bug Report => C:\Program Files\Norton\Suite\AvBugReport.exe [6086248 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 187 --programpath "C:\Program Files\Norton\Suite" --configpath "C:\ProgramData\Norton\VPN" --path "C:\ProgramData\Norton\VPN\log" --path "C:\ProgramData\Norton\Icarus\Logs" --logpath "C:\ProgramData\Norton\VPN\log" --guid 84195f1c-cda2-410b-9eec-00cccc3ac0af
Task: {8C098234-CC0B-4CA3-824D-4404749F0BFC} - System32\Tasks\Norton\Overseer => C:\Program Files\Common Files\Norton\Overseer\overseer.exe [2566760 2025-01-02] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {67790422-94A3-452C-BA4A-79348172635C} - System32\Tasks\Norton\Suite Emergency Update => C:\Program Files\Norton\Suite\AvEmUpdate.exe [5288040 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7807FB52-31AD-4D76-B787-FC6CE19C599D}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7807FB52-31AD-4D76-B787-FC6CE19C599D}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{89C42099-44F4-427E-84B1-184E648CF327}: [NameServer] 10.252.0.0
Tcpip\..\Interfaces\{AED2BC6C-DEC5-4B89-8442-888AAE89882F}: [NameServer] 10.9.0.1
Tcpip\..\Interfaces\{C6100843-7139-4411-A0D4-A8230BD04ECB}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{C6100843-7139-4411-A0D4-A8230BD04ECB}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{EFC0BC5C-2049-4DAA-8886-3F99972202E4}: [NameServer] 8.8.8.8

FireFox:
========
FF DefaultProfile: bbmxikm6.default-1500151254905
FF ProfilePath: C:\Users\Martys\AppData\Roaming\Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 [2025-03-27]
FF Homepage: Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 -> moz-extension://16fe61a7-8a8a-46eb-b015-80d59906cdff/homePage.html
FF NewTab: Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 -> about:newtab
FF HomepageOverride: Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905 -> Disabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Norton Home Page) - C:\Users\Martys\AppData\Roaming\Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905\Extensions\nortonhomepage@symantec.com.xpi [2024-12-23] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Martys\AppData\Roaming\Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2024-12-23] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Martys\AppData\Roaming\Mozilla\Firefox\Profiles\bbmxikm6.default-1500151254905\Extensions\nortonsafeweb@symantec.com.xpi [2025-01-13]
FF Plugin: @java.com/DTPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2019-11-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default [2025-03-27]
CHR Notifications: Default -> hxxps://36icufrredxfn6.enhanceconnection.co.in; hxxps://3coj5unzs4wjur.enhanceconnection.co.in; hxxps://5vmi4ssitorwnk.enhanceconnection.co.in; hxxps://bxqra9a1711pju.enhanceconnection.co.in; hxxps://club.autodoc.cz; hxxps://cuae64u071bc73c40vsg.protocolchainflow.com; hxxps://cuae7am071bc73c425h0.enhanceconnection.co.in; hxxps://cuae7g6071bc73c42ba0.protocolchainflow.com; hxxps://cub1bs6071bc73ckocag.enhanceconnection.co.in; hxxps://cub1kkm071bc73cl1amg.enhanceconnection.co.in; hxxps://cudqgdu071bc73euiuj0.enhanceconnection.co.in; hxxps://cudqghu071bc73euj2fg.protocolchainflow.com; hxxps://cudqigu071bc73eul9ig.enhanceconnection.co.in; hxxps://cudqilu071bc73eulf4g.protocolchainflow.com; hxxps://datanodes.to; hxxps://ixzc4t.cipaineutti.com; hxxps://r3e3ckp8an73yq.enhanceconnection.co.in; hxxps://vjr2ws.parthonylogles.com; hxxps://xfmvc6zgsv3gsl.enhanceconnection.co.in; hxxps://xys4dbprmekzdd.enhanceconnection.co.in; hxxps://ytb3qzyl3e9s5a.enhanceconnection.co.in
CHR HomePage: Default -> hxxp://seznam.cz/
CHR NewTab: Default -> Not-active:"chrome-extension://mhffmephdchhhbfjmdpoaldedhhdanbn/homePageRedirect.html"
CHR DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
CHR DefaultSearchKeyword: Default -> nortonsafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit= ... f&hl=cs&q={searchTerms}
CHR Extension: (Free Download Manager) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2025-02-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Omega Ad Blocker) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoognjkkhapcjkfnakpddcciddcfbjcd [2025-01-07]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Bear - Blokujte invazivní reklamy) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiknemhndplpgnnnjjjhphhembfojec [2025-03-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-04-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Norton Home Page) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2024-08-30]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Norton Safe) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-10-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-05]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung Electronics CO., LTD. -> Samsung) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] (ASUSTeK Computer Inc. -> )
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Skype Software Sarl -> Microsoft Corporation)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1088816 2025-03-12] (Gen Digital Inc. -> Gen Digital Inc.)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-02] (Google Inc -> Google Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-13] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] (Canon Inc. -> )
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
R3 nllbIDSAgent; C:\Program Files\Norton\Suite\aswidsagent.exe [7753320 2025-03-19] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 Norton Antivirus; C:\Program Files\Norton\Suite\NortonSvc.exe [808040 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Firewall; C:\Program Files\Norton\Suite\afwServ.exe [2441832 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 Norton Tools; C:\Program Files\Norton\Suite\nllToolsSvc.exe [860776 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 nortonAvDumper64; C:\Program Files\Norton\Suite\AvDump.exe [3535976 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonVpn; C:\Program Files\Norton\Suite\VpnSvc.exe [12988008 2025-03-19] (NortonLifeLock Inc. -> Gen Digital Inc.)
R2 NortonWscReporter; C:\Program Files\Norton\Suite\wsc_proxy.exe [76552 2025-01-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-24] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-24] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] (Even Balance, Inc. -> )
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [15942192 2025-03-11] (ADLICE -> )
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [617160 2016-03-03] (Samsung Electronics CO., LTD. -> Samsung Electronics Co.,Ltd)
R2 Správce výběru OS; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2010-07-07] (Acronis, Inc -> )
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13273104 2020-10-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 tmInstall; C:\Program Files\Thrustmaster\FFB Racing wheel\drivers\amd64\tmInstall.EXE [140056 2021-05-26] (Guillemot Recherche et Développement, Inc -> Thrustmaster®)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 UrbanVPNServiceInteractive; C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe [450496 2024-08-21] (Urban Cyber Security Inc. -> )
S3 UrbanVPNUpdater; C:\Program Files\UrbanVPN\UrbanVPNUpdater.exe [1022040 2024-08-21] (Urban Cyber Security Inc. -> Urban Security)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AmdTools64; C:\Windows\System32\DRIVERS\AmdTools64.sys [58216 2018-03-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] (ASUSTeK Computer Inc. -> )
R3 asmthub3; C:\Windows\System32\DRIVERS\asmthub3.sys [138568 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R3 asmtxhci; C:\Windows\System32\DRIVERS\asmtxhci.sys [416072 2012-08-20] (MCCI Corporation -> ASMedia Technology Inc)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] (ASUSTeK Computer Inc. -> )
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv2; C:\Windows\gdrv2.sys [32600 2011-01-02] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 GVCIDrv; C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\GVCIDrv64.sys [24672 2019-12-09] (GIGA-BYTE Technology Co., Ltd. -> )
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-01-21] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [234072 2025-03-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 nllArDisk; C:\Windows\System32\drivers\nllArDisk.sys [20568 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllArPot; C:\Windows\System32\drivers\nllArPot.sys [246880 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllbidsdriver; C:\Windows\System32\drivers\nllbidsdriver.sys [384096 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbidsh; C:\Windows\System32\drivers\nllbidsh.sys [296032 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllbuniv; C:\Windows\System32\drivers\nllbuniv.sys [84576 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllKbd; C:\Windows\System32\drivers\nllKbd.sys [37984 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllMonFlt; C:\Windows\System32\drivers\nllMonFlt.sys [278616 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllNetHub; C:\Windows\System32\drivers\nllNetHub.sys [553568 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllNetNd6; C:\Windows\System32\DRIVERS\nllNetNd6.sys [23456 2025-01-02] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R1 nllRdr; C:\Windows\System32\drivers\nllRdr2.sys [98912 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllRvrt; C:\Windows\System32\drivers\nllRvrt.sys [69728 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSnx; C:\Windows\System32\drivers\nllSnx.sys [959064 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 nllSP; C:\Windows\System32\drivers\nllSP.sys [1427552 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 nllStm; C:\Windows\System32\drivers\nllStm.sys [207456 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 nllVmm; C:\Windows\System32\drivers\nllVmm.sys [389720 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 nllVpnRdr; C:\Windows\System32\drivers\nllVpnRdr.sys [85584 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifelock Inc.)
R3 nllWintun; C:\Windows\System32\DRIVERS\nllWintun.sys [40640 2025-01-02] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
R3 nllWireGuard; C:\Windows\System32\DRIVERS\nllWireguard.sys [174680 2025-01-02] (Microsoft Windows Hardware Compatibility Publisher -> NortonLifeLock Inc.)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [821888 2011-01-26] (SOMAGIC (HANGZHOU) TECHNOLOGY CO., LTD. -> Windows (R) Win 7 DDK provider)
R0 speedfan; C:\Windows\SysWow64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-12-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [30720 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 tmhidusb; C:\Windows\System32\DRIVERS\tmhidusb.sys [419096 2021-05-26] (Guillemot Recherche et Développement, Inc -> Thrustmaster)
S3 tmResetMin; C:\Windows\System32\Drivers\tmResetMin.sys [45848 2021-05-26] (Guillemot Recherche et Développement, Inc -> © Guillemot R&D, 2021. All rights reserved.)
S3 tmwbulk; C:\Windows\System32\Drivers\tmwbulk.sys [290816 2019-10-22] (Guillemot Recherche et Développement, Inc -> © Guillemot R&D, 2018. All rights reserved.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [42760 2016-02-21] (Windows Central Build Account - X -> Microsoft Corporation)
S1 amsdk; \??\C:\Windows\system32\drivers\amsdk.sys [X]
S3 GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\ProgramData\Desktop\WinSCP.lnk"
Error Reading file: "C:\ProgramData\Desktop\Windows 7 Manager.lnk"
Error Reading file: "C:\ProgramData\Desktop\Winamp.lnk"
Error Reading file: "C:\ProgramData\Desktop\VLC media player.lnk"
Error Reading file: "C:\ProgramData\Desktop\Ulead VideoStudio SE DVD.lnk"
Error Reading file: "C:\ProgramData\Desktop\Total Commander.lnk"
Error Reading file: "C:\ProgramData\Desktop\Stronghold Crusader HD.lnk"
Error Reading file: "C:\ProgramData\Desktop\Stronghold Crusader Extreme HD.lnk"
Error Reading file: "C:\ProgramData\Desktop\Steam.lnk"
Error Reading file: "C:\ProgramData\Desktop\SD Card Formatter.lnk"
Error Reading file: "C:\ProgramData\Desktop\Registrace uživatele zařízení Canon MP270 series.LNK"
Error Reading file: "C:\ProgramData\Desktop\PotPlayer 64 bit.lnk"
Error Reading file: "C:\ProgramData\Desktop\Pandora Recovery.lnk"
Error Reading file: "C:\ProgramData\Desktop\Norton 360.lnk"
Error Reading file: "C:\ProgramData\Desktop\Nero 2014.lnk"
Error Reading file: "C:\ProgramData\Desktop\Malwarebytes.lnk"
Error Reading file: "C:\ProgramData\Desktop\ImgBurn.lnk"
Error Reading file: "C:\ProgramData\Desktop\Horizon.lnk"
Error Reading file: "C:\ProgramData\Desktop\Google Chrome.lnk"
Error Reading file: "C:\ProgramData\Desktop\Free Download Manager.lnk"
Error Reading file: "C:\ProgramData\Desktop\Firefox.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\DAEMON Tools Lite.lnk"
Error Reading file: "C:\ProgramData\Desktop\Canon Solution Menu.lnk"
Error Reading file: "C:\ProgramData\Desktop\Canon My Printer.lnk"
Error Reading file: "C:\ProgramData\Desktop\Canon MP270 series Příručka online.lnk"
Error Reading file: "C:\ProgramData\Desktop\Canon MP Navigator EX 3.0.lnk"
Error Reading file: "C:\ProgramData\Desktop\Canon Easy-PhotoPrint EX.lnk"
Error Reading file: "C:\ProgramData\Desktop\Alan Wake.lnk"
Error Reading file: "C:\ProgramData\Desktop\Adlice Protect.lnk"
Error Reading file: "C:\ProgramData\Desktop\1-Click Cleaner.lnk"
2025-03-27 17:32 - 2025-03-27 17:33 - 000039634 _____ C:\Users\Martys\Desktop\FRST.txt
2025-03-27 17:32 - 2025-03-27 17:32 - 002404352 _____ (Farbar) C:\Users\Martys\Desktop\FRST64.exe
2025-03-27 17:20 - 2025-03-27 17:20 - 000000000 ____D C:\_OTL
2025-03-25 18:12 - 2025-03-25 18:12 - 000147364 _____ C:\Users\Martys\Desktop\OTL.Txt
2025-03-23 19:59 - 2025-03-23 19:59 - 000000693 _____ C:\Users\Public\Desktop\Alan Wake.lnk
2025-03-23 19:46 - 2025-03-23 20:01 - 000000000 ____D C:\Users\Martys\Documents\Remedy
2025-03-23 19:00 - 2025-03-23 19:00 - 000602112 _____ (OldTimer Tools) C:\Users\Martys\Desktop\OTL.exe
2025-03-23 18:55 - 2025-03-23 18:55 - 000000000 ____D C:\Users\Martys\AppData\Local\2K Games
2025-03-21 16:22 - 2025-03-21 16:22 - 000000000 ____D C:\Users\Martys\Desktop\nortonpchelp
2025-03-20 18:53 - 2025-03-20 19:03 - 000000000 ____D C:\Users\Martys\AppData\Local\Canon Easy-PhotoPrint EX
2025-03-20 18:13 - 2025-03-20 18:13 - 000000008 __RSH C:\ProgramData\ntuser.pol
2025-03-20 18:01 - 2025-03-20 18:01 - 000000000 ___HD C:\$AV_NLL
2025-03-19 15:34 - 2025-03-19 15:34 - 000316008 _____ (Gen Digital Inc.) C:\Windows\system32\nllBoot.exe
2025-03-18 19:32 - 2025-03-18 19:32 - 000001980 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-03-18 19:32 - 2025-03-18 19:32 - 000001968 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-03-18 19:32 - 2025-03-18 19:32 - 000000000 ____D C:\Users\Martys\AppData\Local\Malwarebytes
2025-03-18 19:30 - 2025-03-18 19:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-03-18 19:30 - 2025-03-18 19:30 - 000000000 ____D C:\Program Files\Malwarebytes
2025-03-18 19:06 - 2025-03-18 19:06 - 000002043 _____ C:\Users\Public\Desktop\Windows 7 Manager.lnk
2025-03-18 19:06 - 2025-03-18 19:06 - 000002032 _____ C:\Users\Public\Desktop\1-Click Cleaner.lnk
2025-03-18 19:06 - 2025-03-18 19:06 - 000000000 ____D C:\Users\Martys\AppData\Roaming\Yamicsoft
2025-03-18 19:06 - 2025-03-18 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Manager
2025-03-18 19:06 - 2025-03-18 19:06 - 000000000 ____D C:\Program Files\Yamicsoft
2025-03-18 18:50 - 2025-03-18 18:50 - 000002728 _____ C:\Users\Martys\Desktop\SecurityCheck.exe
2025-03-18 18:36 - 2025-03-18 19:21 - 000954273 _____ C:\Users\Martys\Desktop\Addition martan.txt
2025-03-18 18:34 - 2025-03-27 17:33 - 000000000 ____D C:\FRST
2025-03-18 18:18 - 2025-03-18 18:18 - 000001020 _____ C:\Users\Martys\Desktop\JRT.txt
2025-03-18 17:55 - 2025-03-18 17:55 - 001790024 _____ (Malwarebytes) C:\Users\Martys\Desktop\JRT.exe
2025-03-18 17:45 - 2025-03-18 18:02 - 000000818 _____ C:\Users\Public\Desktop\Adlice Protect.lnk
2025-03-18 17:45 - 2025-03-18 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2025-03-18 17:45 - 2025-03-18 18:02 - 000000000 ____D C:\Program Files\RogueKiller
2025-03-18 17:45 - 2025-03-18 17:56 - 000000000 ____D C:\ProgramData\RogueKiller
2025-03-18 17:44 - 2025-03-18 16:44 - 051488976 _____ (Adlice Software ) C:\Users\Martys\Desktop\RogueKiller_setup.exe
2025-03-18 16:38 - 2025-03-18 17:52 - 000000000 ____D C:\AdwCleaner
2025-03-18 16:34 - 2025-03-18 16:32 - 002834160 _____ (Malwarebytes) C:\Users\Martys\Desktop\MBSetup.exe
2025-03-18 16:34 - 2025-03-18 16:20 - 008791352 _____ (Malwarebytes) C:\Users\Martys\Desktop\adwcleaner.exe
2025-03-18 16:34 - 2025-03-18 16:20 - 001904096 _____ ( ) C:\Users\Martys\Desktop\adwcleaner-8.4.0-installer_U-gGFm1.exe
2025-03-18 16:28 - 2025-03-18 16:28 - 001904096 _____ ( ) C:\Users\Martys\Desktop\adwcleaner-8.4.0-installer_u-VkCv1.exe
2025-03-18 16:25 - 2025-03-18 16:25 - 000001025 _____ C:\Users\Public\Desktop\WinSCP.lnk
2025-03-18 16:22 - 2025-03-18 16:22 - 000002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2025-03-18 16:22 - 2025-03-18 16:22 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\UC.PIF
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\RAR.PIF
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\PKZIP.PIF
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\PKUNZIP.PIF
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\LHA.PIF
2025-03-18 16:21 - 2025-02-19 11:51 - 000000545 _____ C:\Windows\ARJ.PIF
2025-03-18 16:20 - 2025-03-18 16:20 - 000000943 _____ C:\Users\Public\Desktop\Winamp.lnk
2025-03-18 16:19 - 2025-03-18 16:19 - 000003242 _____ C:\Windows\system32\Tasks\klcp_update
2025-03-18 16:19 - 2025-03-18 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2025-03-18 16:19 - 2025-03-18 16:19 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2025-03-18 16:02 - 2025-03-21 16:22 - 000001791 _____ C:\Users\Martys\Desktop\CrystalDiskInfo.lnk
2025-03-18 16:02 - 2025-03-18 16:03 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2025-03-18 16:02 - 2025-03-18 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2025-03-14 16:02 - 2025-03-27 17:24 - 000003266 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2025-03-14 16:02 - 2025-03-27 17:24 - 000000670 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2025-03-11 18:32 - 2025-03-14 21:22 - 000000000 ____D C:\Users\Martys\AppData\Local\Adobe
2025-03-08 21:06 - 2025-03-08 21:04 - 000388608 _____ (Trend Micro Inc.) C:\Users\Martys\Desktop\HijackThis.exe
2025-03-08 19:34 - 2025-03-08 20:07 - 000000000 ____D C:\Users\Martys\Documents\Xenia
2025-03-07 18:21 - 2025-03-07 18:22 - 000000000 ____D C:\Users\Martys\Desktop\Nová složka
2025-03-07 16:46 - 2025-03-11 17:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-27 17:31 - 2009-07-14 05:45 - 000022656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2025-03-27 17:31 - 2009-07-14 05:45 - 000022656 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2025-03-27 17:28 - 2009-07-14 16:18 - 000672158 _____ C:\Windows\system32\perfh005.dat
2025-03-27 17:28 - 2009-07-14 16:18 - 000142754 _____ C:\Windows\system32\perfc005.dat
2025-03-27 17:28 - 2009-07-14 06:13 - 001593302 _____ C:\Windows\system32\PerfStringBackup.INI
2025-03-27 17:28 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2025-03-27 17:25 - 2020-05-09 15:18 - 000000000 ____D C:\Program Files (x86)\Steam1
2025-03-27 17:25 - 2014-05-03 01:11 - 000000000 ____D C:\Program Files (x86)\Google
2025-03-27 17:24 - 2014-03-06 00:09 - 000000000 ____D C:\Program Files\CCleaner
2025-03-27 17:23 - 2022-02-21 18:55 - 000000000 ____D C:\ProgramData\Norton
2025-03-27 17:23 - 2014-03-26 19:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2025-03-27 17:22 - 2023-05-31 12:29 - 010485760 _____ C:\vgaexte.dat
2025-03-27 17:22 - 2014-05-03 01:18 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-27 17:22 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-03-23 20:21 - 2014-03-07 00:43 - 000000000 ____D C:\Users\Martys\AppData\Roaming\vlc
2025-03-23 19:59 - 2014-10-03 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2025-03-23 19:59 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2025-03-23 19:17 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2025-03-23 17:51 - 2022-10-13 18:13 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2025-03-23 17:38 - 2022-12-21 19:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-20 19:03 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2025-03-20 19:00 - 2014-03-06 13:30 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-03-20 18:29 - 2019-11-07 23:29 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2025-03-20 18:11 - 2009-07-14 04:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2025-03-20 18:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2025-03-20 17:51 - 2025-01-02 20:20 - 000000000 ____D C:\Windows\system32\Tasks\Norton
2025-03-19 16:46 - 2025-02-21 16:49 - 000000000 ____D C:\Users\Martys\AppData\Roaming\rhj_tool_alpha
2025-03-19 15:34 - 2025-01-02 20:21 - 001427552 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllSP.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000959064 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllSnx.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000553568 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllNetHub.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000389720 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllVmm.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000384096 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbidsdriver.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000296032 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbidsh.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000278616 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllMonFlt.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000246880 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllArPot.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000098912 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllRdr2.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000084576 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllbuniv.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000069728 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllRvrt.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000037984 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllKbd.sys
2025-03-19 15:34 - 2025-01-02 20:21 - 000020568 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\nllArDisk.sys
2025-03-18 19:10 - 2025-01-22 18:25 - 000000000 ____D C:\Program Files\chrome_BITS_8564_597204738
2025-03-18 19:10 - 2024-12-13 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2025-03-18 19:10 - 2019-08-20 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2025-03-18 19:10 - 2019-08-04 18:54 - 000000000 ____D C:\Users\Martys\AppData\Roaming\Anvsoft
2025-03-18 19:10 - 2018-07-13 23:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2025-03-18 19:10 - 2018-02-24 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Castle Attack
2025-03-18 19:10 - 2017-10-19 16:56 - 000000000 ____D C:\Users\Martys\AppData\Local\PingPlotter 5
2025-03-18 19:10 - 2017-02-11 20:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2025-03-18 19:10 - 2014-07-27 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAG-COM
2025-03-18 19:10 - 2014-04-09 17:52 - 000000000 ____D C:\Users\Martys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2025-03-18 17:37 - 2016-06-15 14:18 - 000000000 ____D C:\ProgramData\Avg
2025-03-18 17:37 - 2014-03-13 17:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-18 16:29 - 2020-03-10 21:04 - 000000000 ____D C:\Users\Martys\AppData\Local\CrashDumps
2025-03-18 16:25 - 2021-05-27 11:20 - 000001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2025-03-18 16:25 - 2021-05-27 11:20 - 000000128 _____ C:\Users\Martys\AppData\Roaming\winscp.rnd
2025-03-18 16:25 - 2021-05-27 11:20 - 000000000 ____D C:\Program Files (x86)\WinSCP
2025-03-18 16:24 - 2016-12-21 21:00 - 000000000 ____D C:\Program Files\Java
2025-03-18 16:24 - 2014-06-16 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2025-03-18 16:22 - 2022-12-21 19:23 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-03-18 16:22 - 2014-03-13 17:47 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-18 16:22 - 2014-03-08 01:55 - 000000884 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-03-18 16:22 - 2014-03-06 00:14 - 000000000 ____D C:\Program Files\totalcmd
2025-03-18 16:21 - 2021-11-27 13:16 - 000000000 ____D C:\ProgramData\Package Cache
2025-03-18 16:20 - 2022-03-02 16:53 - 000000000 ____D C:\Users\Martys\AppData\Local\Norton
2025-03-18 16:20 - 2014-03-14 18:00 - 000000000 ____D C:\Program Files (x86)\Winamp

==================== Files in the root of some directories ========

2021-03-18 15:01 - 2022-11-01 19:22 - 000000040 _____ () C:\Users\Martys\AppData\Roaming\cdr.ini
2019-07-10 21:41 - 2019-07-10 21:50 - 000011348 _____ () C:\Users\Martys\AppData\Roaming\downloads.json
2014-03-07 12:43 - 2021-03-02 20:02 - 000099384 _____ () C:\Users\Martys\AppData\Roaming\inst.exe
2002-08-29 16:33 - 2002-08-29 16:33 - 000319488 ____R () C:\Users\Martys\AppData\Roaming\MafiaSetup.exe
2014-03-07 12:43 - 2021-03-02 20:02 - 000007859 _____ () C:\Users\Martys\AppData\Roaming\pcouffin.cat
2014-03-07 12:43 - 2021-03-02 20:02 - 000001167 _____ () C:\Users\Martys\AppData\Roaming\pcouffin.inf
2014-03-07 12:43 - 2021-03-02 20:02 - 000082816 _____ (VSO Software) C:\Users\Martys\AppData\Roaming\pcouffin.sys
2014-03-07 12:44 - 2016-01-31 10:40 - 000000668 _____ () C:\Users\Martys\AppData\Roaming\vso_ts_preview.xml
2021-05-27 11:20 - 2025-03-18 16:25 - 000000128 _____ () C:\Users\Martys\AppData\Roaming\winscp.rnd
2014-04-04 22:14 - 2014-04-04 22:14 - 000003584 _____ () C:\Users\Martys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-28 23:28 - 2015-06-19 15:51 - 000001120 _____ () C:\Users\Martys\AppData\Local\MRDownloader.nast
2016-01-08 23:45 - 2025-01-04 22:38 - 000007666 _____ () C:\Users\Martys\AppData\Local\Resmon.ResmonCfg
2022-12-22 18:18 - 2022-12-22 18:18 - 000000000 _____ () C:\Users\Martys\AppData\Local\{D53D59BD-D5FE-41CB-99A4-85B7A10AB473}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2025-03-25 18:34
==================== End of FRST.txt ========================
CPU AMD Athlon X4 740 Quad Core Processor 3.2 GHz, 4 GB RAM, GPU NVIDIA GeForce GT 630, Windows 7

Marťan
Level 2.5
Posts: 363
Registered: October 06
Location: Nový Jičín
Gender: Male

Re: Please check my log, thank you

Post by Marťan » 27 Mar 2025 17:50

CPU AMD Athlon X4 740 Quad Core Processor 3.2 GHz, 4 GB RAM, GPU NVIDIA GeForce GT 630, Windows 7

jaro3
Security team member
Guru Level 15
Posts: 43273
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log, thank you

Post by jaro3 » 28 Mar 2025 15:57

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR Notifications: Default -> hxxps://36icufrredxfn6.enhanceconnection.co.in; hxxps://3coj5unzs4wjur.enhanceconnection.co.in; hxxps://5vmi4ssitorwnk.enhanceconnection.co.in; hxxps://bxqra9a1711pju.enhanceconnection.co.in; hxxps://club.autodoc.cz; hxxps://cuae64u071bc73c40vsg.protocolchainflow.com; hxxps://cuae7am071bc73c425h0.enhanceconnection.co.in; hxxps://cuae7g6071bc73c42ba0.protocolchainflow.com; hxxps://cub1bs6071bc73ckocag.enhanceconnection.co.in; hxxps://cub1kkm071bc73cl1amg.enhanceconnection.co.in; hxxps://cudqgdu071bc73euiuj0.enhanceconnection.co.in; hxxps://cudqghu071bc73euj2fg.protocolchainflow.com; hxxps://cudqigu071bc73eul9ig.enhanceconnection.co.in; hxxps://cudqilu071bc73eulf4g.protocolchainflow.com; hxxps://datanodes.to; hxxps://ixzc4t.cipaineutti.com; hxxps://r3e3ckp8an73yq.enhanceconnection.co.in; hxxps://vjr2ws.parthonylogles.com; hxxps://xfmvc6zgsv3gsl.enhanceconnection.co.in; hxxps://xys4dbprmekzdd.enhanceconnection.co.in; hxxps://ytb3qzyl3e9s5a.enhanceconnection.co.in
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit= ... f&hl=cs&q={searchTerms}
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-2131128835-2277457285-3308782453-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CMD: netsh int ip reset
CMD: ipconfig /flushDNS

EmptyTemp:
End

(You can use the "Select all" function; then right-click in the top-left corner of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

Then AdwCleaner as well.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

