Dobrý den - mám nějaký problém - viz příloha. Vždy resetuji PC, někdy i 2x za sebou a teprve pak sena stránku dostanu.
Prosím o preventivku:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.03.2024
Ran by Danica (administrator) on DANICA-PC (Gigabyte Technology Co., Ltd. Z97-D3H) (22-05-2024 10:15:08)
Running from C:\Users\Danica\Desktop\FRST64 (1).exe
Loaded Profiles: Danica
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe ->) (Avast Software s.r.o. -> Avast Software) C:\Program Files\AVAST Software\SecureLine VPN\OpenVPN\openvpn.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(cmd.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <2>
(explorer.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26>
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [9831832 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Incorporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [424344 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [10731416 2024-05-14] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Run: [Google Update] => C:\Users\Danica\AppData\Local\Google\Update\1.3.36.372\GoogleUpdateCore.exe [223008 2024-02-02] (Google LLC -> Google LLC)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-02-04] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2024-05-17]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {013FAD6D-5668-420B-9392-267E371279A0} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A} -> No File <==== ATTENTION
Task: {CB9B770C-314C-4FA6-B782-E83AA9C1BBDE} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482} -> No File <==== ATTENTION
Task: {7363FB08-1054-4420-855C-42610C6DA190} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {FC5843C0-0214-4285-A0C0-AE3DEEB48673} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4979096 2024-03-18] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\A (the data entry has 70 more characters).
Task: {85FA844B-D5F4-45C1-8A81-9000824661B6} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [7786904 2024-03-14] (Avast Software s.r.o. -> Avast Software)
Task: {F2BFED25-DF7B-4CE6-BA56-B99F9DA6E038} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4891032 2024-05-14] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (the data entry has 99 more characters).
Task: {932DDB95-B76B-43DD-89A5-D4790C13EA11} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [8039832 2024-05-08] (Avast Software s.r.o. -> Avast Software)
Task: {5FB88AD3-A2F9-4127-96E1-39C7D1470CBC} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5201304 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E11EA96C-EC1B-4DD6-AFBB-DC813E92444B} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [5015960 2024-05-16] (Avast Software s.r.o. -> Gen Digital Inc.) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramDat (the data entry has 80 more characters).
Task: {5B4E9354-E0AB-481C-9162-76964E6A2BDE} - System32\Tasks\Avast Software\Avast SecureLine VPN Emergency Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1438616 2024-05-16] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {06AD13C9-5C46-4839-88A4-3F35F713E6A3} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [7498648 2024-04-26] (Avast Software s.r.o. -> Avast Software)
Task: {3D9600B3-AEDD-4F4F-86E6-8F609D5208A4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {4F4C1840-BCE7-47BF-9E3A-E2B6A4B999DE} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5ECD3875-7B45-464F-B3C8-9550E064C862} - System32\Tasks\Opera scheduled assistant Autoupdate 1659598895 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe [1866960 2022-03-29] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Danica\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {14415E68-8A42-437A-9801-E9B3F6B9CC54} - System32\Tasks\Opera scheduled Autoupdate 1548835486 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe [1866960 2022-03-29] (Opera Software AS -> Opera Software)
Task: {0923F731-6A9F-421A-9AD8-45E54B612CA1} - System32\Tasks\Opera scheduled Autoupdate 1659598887 => C:\Users\Danica\AppData\Local\Programs\Opera\launcher.exe [1866960 2022-03-29] (Opera Software AS -> Opera Software)
Task: {DA7D9B12-8CB8-4164-9944-7D4559615EB6} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {D7D403FC-3B78-45D3-B1E1-E1BE5906998A} - System32\Tasks\WinASORegistryOptimizerForDanica => C:\Program Files (x86)\WinASO\Registry Optimizer 4.0\RegOpt.exe -> C:\Program Files (x86)\WinASO\Registry Optimizer 4.0\\-auto -second15 -param11111111111111111111
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\WinASORegistryOptimizerForDanica.job => C:\Program Files (x86)\WinASO\Registry Optimizer 4.0\RegOpt.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{A10C2104-F2DE-4AAA-AA41-1F8916A922BE}: [DhcpDomain] home
Tcpip\..\Interfaces\{BF8E6D5A-A227-42DC-BBC2-1E48544133F3}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{E64695E6-DE1B-4473-B479-F34B73537FB5}: [NameServer] 100.120.182.1
Edge:
=======
Edge Profile: C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-26]
FireFox:
========
FF DefaultProfile: 8qyzod9n.default-1549969440949
FF ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949 [2020-07-09]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-11-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-05-12] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-835433377-1433666261-3082474647-1000: google.com/WidevineMediaOptimizer -> C:\Users\Danica\AppData\Roaming\IDM\bin\npwidevinemediaoptimizer.dll [2014-06-09] (Widevine Technologies -> Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default [2024-05-22]
CHR DownloadDir: C:\Users\Danica\Desktop
CHR Notifications: Default -> hxxps://cz.pinterest.com; hxxps://hotovkykosik.cz; hxxps://www.facebook.com; hxxps://www.megaknihy.cz
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.denik.cz/krimi/vysetrovani-tragedie ... ount/Index"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Facebook) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-11-24]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-04-04]
CHR Extension: (Avast Passwords) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-05]
CHR Extension: (Hodiny) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2015-11-24]
CHR Extension: (Chuck Anderson) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegkoiakifeoejnjkbnnojkkdoegeofp [2017-07-14]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-02-05]
CHR Extension: (Uložit na Pinterest) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-05-10]
CHR Extension: (Blogger) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2015-11-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Picasa) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2015-11-24]
CHR Extension: (Avast SecureLine VPN) - C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmegojolgpbbcnhccbfneddlooepbpd [2024-01-13]
CHR Profile: C:\Users\Danica\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
Opera:
=======
OPR Profile: C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable [2023-10-12]
OPR Notifications: Opera Stable -> hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-08-04]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-04]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-06-28]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [9152408 2024-05-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [766872 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2302360 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1203608 2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [18727320 2024-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [17233304 2024-05-14] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123320 2024-05-01] (The Document Foundation -> The Document Foundation)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [12354968 2024-05-16] (Avast Software s.r.o. -> Gen Digital Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-22] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [229944 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [379960 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [292920 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84536 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28728 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [268856 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [548920 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97848 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69176 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [935992 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [695864 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203720 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [306120 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswVpnRdr; C:\Windows\System32\drivers\aswVpnRdr.sys [78632 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
R3 aswWintun; C:\Windows\System32\DRIVERS\aswWintun.sys [40832 2024-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Avast Software)
S3 aswWireGuard; C:\Windows\System32\DRIVERS\aswWireguard.sys [184544 2023-05-14] (Avast Software s.r.o. -> Avast Software)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [88720 2021-03-25] (Avast Software s.r.o. -> Windows (R) Win 7 DDK provider)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (Microsoft Windows Hardware Compatibility Publisher -> PixArt Imaging Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166768 2020-10-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-22 10:15 - 2024-05-22 10:16 - 000024710 _____ C:\Users\Danica\Desktop\FRST.txt
2024-05-20 13:48 - 2024-05-20 13:48 - 000001418 _____ C:\Users\Public\Desktop\LibreOffice 24.2.lnk
2024-05-20 13:48 - 2024-05-20 13:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 24.2
2024-05-16 08:21 - 2024-05-20 18:29 - 000415160 _____ C:\Windows\system32\FNTCACHE.DAT
2024-05-12 10:46 - 2024-05-21 21:47 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{BEFB5EAA-93A6-4FC6-AC99-BF1F782E720D}
2024-05-12 10:46 - 2024-05-21 21:47 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{BBE4CBF5-88E0-47F4-B05E-101F2B24B505}
2024-05-12 10:44 - 2024-05-18 12:31 - 000000000 ____D C:\Program Files\TeamViewer
2024-05-07 08:41 - 2024-05-07 08:41 - 000314776 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-05-22 10:15 - 2020-07-08 12:49 - 000000000 ____D C:\FRST
2024-05-22 10:12 - 2022-08-05 07:32 - 000000000 ___HD C:\Users\Danica\Downloads\.opera
2024-05-22 10:12 - 2022-08-05 07:32 - 000000000 ___HD C:\Users\Danica\.opera
2024-05-22 10:11 - 2015-11-22 10:34 - 000000000 ____D C:\Program Files (x86)\Google
2024-05-22 10:10 - 2017-03-12 10:36 - 000000000 ____D C:\Users\Danica\AppData\Local\AVAST Software
2024-05-22 10:08 - 2015-12-03 17:08 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2024-05-22 10:08 - 2015-11-22 14:26 - 000000000 __SHD C:\Users\Danica\IntelGraphicsProfiles
2024-05-22 10:07 - 2015-11-24 14:06 - 000000000 ____D C:\ProgramData\AVAST Software
2024-05-22 10:07 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-05-22 10:07 - 2009-07-14 06:45 - 000032464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2024-05-22 10:06 - 2009-07-14 06:45 - 000032464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2024-05-21 21:47 - 2022-08-04 09:41 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1659598895
2024-05-21 21:47 - 2022-08-04 09:41 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1659598887
2024-05-21 21:47 - 2019-11-23 14:17 - 000003646 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2024-05-21 21:47 - 2019-01-30 10:04 - 000004072 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1548835486
2024-05-20 13:47 - 2019-03-16 12:56 - 000000000 ____D C:\Program Files\LibreOffice
2024-05-20 09:18 - 2021-12-01 21:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2024-05-20 09:18 - 2021-12-01 21:38 - 000000000 ____D C:\Program Files\7-Zip
2024-05-19 18:17 - 2015-11-25 20:14 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-05-19 18:09 - 2022-10-21 06:25 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-05-17 20:06 - 2022-08-28 19:21 - 000000000 ____D C:\Users\Danica\Documents\recepty
2024-05-16 00:09 - 2015-11-22 17:14 - 000000000 ____D C:\Windows\system32\MRT
2024-05-16 00:06 - 2015-11-22 17:13 - 196465576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-05-15 18:28 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2024-05-13 15:15 - 2015-11-22 11:21 - 000000000 ___HD C:\Program Files (x86)\Temp
2024-05-13 08:41 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2024-05-12 10:50 - 2019-07-13 13:00 - 000000000 ____D C:\Users\Danica\AppData\Local\TeamViewer
2024-05-07 08:41 - 2021-01-02 19:32 - 000935992 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000695864 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000548920 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000379960 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000306120 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000292920 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000268856 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000229944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000097848 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000084536 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000069176 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-05-07 08:41 - 2021-01-02 19:32 - 000028728 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-05-02 08:49 - 2009-07-14 07:08 - 000032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories ========
2019-10-01 15:48 - 2019-10-01 15:48 - 000000017 _____ () C:\Users\Danica\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2024-05-17 12:34
==================== End of FRST.txt ===============
??????????????????????????????????????????????????????????????????????????????????????????????
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by Danica (22-05-2024 10:16:16)
Running from C:\Users\Danica\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2015-11-22 08:18:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-835433377-1433666261-3082474647-500 - Administrator - Disabled)
Danica (S-1-5-21-835433377-1433666261-3082474647-1000 - Administrator - Enabled) => C:\Users\Danica
Guest (S-1-5-21-835433377-1433666261-3082474647-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Disabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
7-Zip 24.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2404-000001000000}) (Version: 24.04.00.0 - Igor Pavlov)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 24.002.20759 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 23.4.15807.16040 - Avast Software)
Avast Driver Updater (HKLM\...\Avast Driver Updater) (Version: 24.1.5025.17362 - Avast Software)
Avast Premium Security (HKLM\...\Avast Antivirus) (Version: 24.4.6112 - Avast Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 24.4.9914.11970 - Avast Software)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.120 - Google LLC)
i-Look 110 (HKLM-x32\...\{99F351B0-E2CD-43E2-935F-256F1CF1348B}) (Version: 1.0.4.15 - KYE)
Intel(R) Chipset Device Software (HKLM\...\{9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7}) (Version: 10.0.26 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Network Connections 18.8.136.0 (HKLM\...\{2B7A8C9C-465A-42F0-B9C3-180FDAAB2C4B}) (Version: 18.8.136.0 - Intel) Hidden
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.5180 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.16.1063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{9503AD68-6198-4081-9F57-1F346D7B58D4}) (Version: 14.8.16.1063 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) USB 3.0\3.1 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 5.0.4.43 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
K-Lite Codec Pack 11.6.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.6 - )
LibreOffice 24.2.3.2 (HKLM\...\{9A41C733-FC13-480D-853A-4DA18DAA59E1}) (Version: 24.2.3.2 - The Document Foundation)
Microsoft .NET Framework 4.8 (CSY) (HKLM\...\{39DC4515-B8C1-3AD9-AA88-D7C8A333612F}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{16735AF7-1D8D-3681-94A5-C578A61EC832}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 109.0.1518.140 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Nature Illusion Studio (HKLM-x32\...\Nature Illusion Studio) (Version: 3.41 - Nufsoft)
Prohlížeč Seznam.cz (HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\Seznam Browser) (Version: 6.21.0 - Seznam.cz a.s.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9239.1 - Realtek Semiconductor Corp.)
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 11.00 - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Widevine Media Optimizer IE 6.0.0 (HKU\S-1-5-21-835433377-1433666261-3082474647-1000\...\optimizer_ie) (Version: 6.0.0.12757 - Widevine Technologies)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{3BC2EF70-3830-43FC-9009-029942FD2DCE}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-835433377-1433666261-3082474647-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Danica\AppData\Local\Google\Update\1.3.36.372\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-04-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-04-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2021-03-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-04-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-05-07] (Avast Software s.r.o. -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Danica\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5046ca2656e8714f\Chromium.lnk -> C:\Users\Danica\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2024-04-05 14:00 - 2024-04-05 14:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\MSVCP140.dll
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\ucrtbase.DLL
2021-11-06 16:43 - 2021-11-06 16:43 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\AVAST Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\AVAST Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\VCRUNTIME140.dll
2024-05-22 08:47 - 2024-05-22 08:47 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll] C:\Program Files\Avast Software\Avast\defs\24052200\avast.local_vc142.crt\VCRUNTIME140_1.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {37FE3127-D331-432F-BA62-C6FA353ED829} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {474B5B48-C606-45D6-85BD-240F1DC1BC5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {E179443E-DC27-473B-A279-C9C8091DC7B4} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F41CD5ED-2BB8-4D58-9A8C-3B826C405379} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-835433377-1433666261-3082474647-1000 -> {F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2011-10-14 16:53 - 2019-10-13 22:36 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\UCRT\;C:\Program Files\Intel\UCRT\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-835433377-1433666261-3082474647-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Danica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 100.120.182.1 - 31.30.90.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3871DEFB-3256-41E5-9E2F-6464122C8120}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E048752-553C-47DE-8491-2F377493FF42}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ADA3CE02-14BA-4B05-8BFE-69ADB4F9931C}] => (Allow) LPort=7000
FirewallRules: [{C20991B6-BD4A-4AE3-AE45-1A26C8701E33}] => (Allow) LPort=7000
FirewallRules: [{43CF9B9D-CBFC-43D6-B8E5-B5C52AE656DC}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{645796C0-1D2F-4C56-8A5C-FB2787E57FEF}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{26F06A34-69A4-4312-B641-4CEA17AE165E}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{CA94148E-4037-4F66-B0A6-891B2FA9EF03}] => (Allow) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{D4B4BF4D-2323-40AE-9B31-5421C5B25073}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9621991E-64F4-422E-8FD1-6DE7B3B78606}] => (Allow) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DE392749-7C93-4FF6-9062-BA93F8BF18B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B57D9FF1-A482-4814-9EEA-FE1AEE2FD656}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{818FCFE1-5983-4C4F-8925-975ADD9DB002}] => (Allow) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{1D4F373E-A400-4771-B145-B456B0C3B83C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.140\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-05-2024 19:00:15 Windows Zálohování
16-05-2024 00:05:44 Windows Update
19-05-2024 19:00:24 Windows Zálohování
==================== Faulty Device Manager Devices ============
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (05/22/2024 10:14:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64 (1).exe verze 28.3.2024.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1be4
Čas spuštění: 01daac200746aa94
Čas ukončení: 1
Cesta k aplikaci: C:\Users\Danica\Desktop\FRST64 (1).exe
ID hlášení: 4b3d2a11-1813-11ef-9f96-fcaa1403e10e
Error: (05/22/2024 10:08:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/22/2024 10:01:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/22/2024 08:46:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/21/2024 08:57:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/20/2024 06:38:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/20/2024 06:31:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (05/20/2024 08:30:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (05/22/2024 10:19:17 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/22/2024 10:06:34 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.
Error: (05/21/2024 08:59:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/21/2024 08:59:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (05/20/2024 06:38:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (05/20/2024 06:38:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (05/20/2024 01:38:34 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (05/20/2024 01:37:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Windows Defender:
================
Date: 2016-01-15 18:53:23.072
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C3E4969D-95AC-45BB-9AC1-1A0DBE8D68B5}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Danica-PC\Danica
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 09/18/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 65%
Total physical RAM: 7580.21 MB
Available physical RAM: 2579.43 MB
Total Virtual: 15158.56 MB
Available Virtual: 7924.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:575.6 GB) (Free:500.68 GB) (Model: WDC WD10PURX-64E5EY0 SCSI Disk Device) NTFS
Drive e: (Záloha ) (Fixed) (Total:355.69 GB) (Free:44.26 GB) (Model: WDC WD10PURX-64E5EY0 SCSI Disk Device) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 32DA4823)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivku
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Zdravím.
Nejprve spusťte tuto utilitz:¨
Nejprve spusťte tuto utilitz:¨
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Omlouvám se, ale nepřišla mi hláška na e-mail s odpovědí.
Stáhla jsem AdwCleaner, dala skenovat, ale nic dalšího nemohu udělat. V příloze je screen...
Stáhla jsem AdwCleaner, dala skenovat, ale nic dalšího nemohu udělat. V příloze je screen...
- Přílohy
-
- adv.jpg (48.56 KiB) Zobrazeno 600 x
Děkuji!
Danica Tomášková
Danica Tomášková
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Je tohle ono?
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-23-2024
# Duration: 00:00:04
# OS: Windows 7 Service Pack 1
# Scanned: 32098
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Seznam.cz C:\Users\Danica\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-23-2024
# Duration: 00:00:04
# OS: Windows 7 Service Pack 1
# Scanned: 32098
# Detected: 1
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.Seznam.cz C:\Users\Danica\AppData\Local\Seznam.cz
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Děkuji!
Danica Tomášková
Danica Tomášková
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Nevím, proč vám nepřišlo upozornění. Nalezenou položku smažtea PC restartujte. Dále otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {013FAD6D-5668-420B-9392-267E371279A0} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A} -> No File <==== ATTENTION
Task: {CB9B770C-314C-4FA6-B782-E83AA9C1BBDE} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482} -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Fix result of Farbar Recovery Scan Tool (x64) Version: 28.03.2024
Ran by Danica (23-05-2024 09:34:22) Run:11
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {013FAD6D-5668-420B-9392-267E371279A0} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A} -> No File <==== ATTENTION
Task: {CB9B770C-314C-4FA6-B782-E83AA9C1BBDE} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482} -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{013FAD6D-5668-420B-9392-267E371279A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{013FAD6D-5668-420B-9392-267E371279A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB9B770C-314C-4FA6-B782-E83AA9C1BBDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB9B770C-314C-4FA6-B782-E83AA9C1BBDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34417371 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2214311 B
Edge => 0 B
Chrome => 104389144 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Danica => 206257516 B
RecycleBin => 588914129 B
EmptyTemp: => 892.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:34:34 ====
Ran by Danica (23-05-2024 09:34:22) Run:11
Running from C:\Users\Danica\Desktop
Loaded Profiles: Danica
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {013FAD6D-5668-420B-9392-267E371279A0} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A} -> No File <==== ATTENTION
Task: {CB9B770C-314C-4FA6-B782-E83AA9C1BBDE} - \GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482} -> No File <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{013FAD6D-5668-420B-9392-267E371279A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{013FAD6D-5668-420B-9392-267E371279A0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000UA{3AF7B6A2-B023-4717-9375-73F09B698A9A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB9B770C-314C-4FA6-B782-E83AA9C1BBDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB9B770C-314C-4FA6-B782-E83AA9C1BBDE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-835433377-1433666261-3082474647-1000Core{88A44582-F8A3-4EE1-B69D-4759C14CF482}" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34417371 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2214311 B
Edge => 0 B
Chrome => 104389144 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Danica => 206257516 B
RecycleBin => 588914129 B
EmptyTemp: => 892.8 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 09:34:34 ====
Děkuji!
Danica Tomášková
Danica Tomášková
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Bylo smazáno. Změnilo se něco?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Je to pořád stejné. zase jsem se nemohla na banku přihlásit, ale vychytala jsem to tak, že restartuji PC a pak to běží. Někdy restartuji i 2x. Funguje to pak několik dní a proces se opakuje. Už jsem mluvila i s bankou. No, je to někde po cestě... nebo zakopaný pes. Teď to funguje - tak uvidím.
Děkuji, Rudýsku, za trpělivost.
Děkuji, Rudýsku, za trpělivost.
Děkuji!
Danica Tomášková
Danica Tomášková
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
To jsem vám chtěl právě říci, že to nemusí být problém samotného PC. Je možné ještě zkusit, zda je problém u všech prohlížečů, nebo to dělaá jen jeden. Pak můžete zkusit vyčištění:
Stahnete Zoek.exe https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
Pokud to dělají všechny prohlížeče, je to problém mimo vás.
Stahnete Zoek.exe https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
Pokud to dělají všechny prohlížeče, je to problém mimo vás.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Ať se snažím jak se snažím, nejde mi stáhnout - tedy ano, ale hlásí mi to, že windows nemůže otevřít...
Děkuji!
Danica Tomášková
Danica Tomášková
-
danatoma
- Vzorný návštěvník
- Příspěvky: 361
- Registrován: 14 úno 2008 20:05
- Bydliště: Praha
- Kontaktovat uživatele:
Re: Prosím o preventivku
Podařilo se:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Danica on źt 23.05.2024 at 16:37:05,30.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Danica\AppData\Local\Temp\7zO8E1684F5\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
23.5.2024 16:38:40 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\TeamViewer deleted successfully
C:\PROGRA~3\{A64A1F66-D283-FE55-47E2-88AFC574CEB4} deleted successfully
C:\Users\Danica\AppData\Roaming\dvdcss deleted successfully
C:\Users\Danica\AppData\Roaming\MPC-HC deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\Danica\AppData\Local\CrashDumps deleted successfully
C:\Users\Danica\AppData\Local\ghisler deleted successfully
C:\Users\Danica\AppData\Local\MigWiz deleted successfully
C:\Users\Danica\AppData\Local\Skype deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949\prefs.js:
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717\prefs.js:
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{A64A1F66-D283-FE55-47E2-88AFC574CEB4} not found
C:\Users\Danica\AppData\Roaming\Seznam Browser deleted
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Danica\AppData\Local\AvastAntiTrackPremium deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVAST Software deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan.json" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan_processes.json" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\leaked_passwords.ini" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0ppFfl2.dat" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pam.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pamcore.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pampub.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\pam.db" not deleted
"C:\found.000" deleted
"C:\Users\Danica\AppData\Local\AVAST Software" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default
- Undetermined - %ProfilePath%\extensions\sko-extension@firma.seznam.cz
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
- Undetermined - %ProfilePath%\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
9260F4DF290730F7BAF8E9217E8D21BD - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll - Silverlight Plug-In
887070B5A789D9DE6C52931168AD90EE - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrlui.dll - Microsoft® Silverlight
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\Danica\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
Facebook - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
passwords - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik
Blogger - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc
Avast SafePrice - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Rich Hints Agent - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk
Opera Crypto Wallet - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk
Amazon Assistant Promotion - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk
==== Chromium Startpages ======================
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Preferences
3D74467C2978FC43C10267CC6B6133F27198C70995B4","last_username":"8DD4DDA01E7FA812807D208003076D5133D74B549A0D377FFA2B548A3C6F1C4E","username":"D41493C8D05705CDEF6DDD0F66C7692E358229945BD2F0D49538FB5B70C89DCC"}},"homepage":"6843FBB91BD20661C8A11ED3DDAE623669BEEF8675D5D338FD1D7C3C3451C9FE","homepage_is_newtabpage":"3516F1CBBEBFDFE02083D7A6295ACC710A2B7BD0FF4165AC18EA81B83E8505C0","media":{"cdm":{"origin_data":"8388B8FB1294F28D345CEA349140AA57324083B15E16511C62C0E79CF6F5C902","origins":"28CB7F9E82C9C98110FD91102AF0588D4D69FF6E18426690DE1AB846E1E1A11B"},"storage_id_salt":"A844E6B5F3BDC0B2426011F5DC7768C85C2880EB07A50ABD81B27799DF597762"},"module_blocklist_cache_md5_digest":"88868795DDF63CDCDE435338E35CDCA9CB5E75A160556BF26F11B78C7B54CDC8","pinned_tabs":"D2AEC015B58074204F6F0146B680619CDD0B8CDFB64D3F771A69C6476813BC99","prefs":{"preference_reset_time":"3B181E00BDB61594A8C53830EE38F068916D3CC25269849BFF37692ECECF9115"},"profile":{"reset_prompt_memento":"C289C5A282EA6B1FFC410377FF2BFFC6F90179EC7A63105582F678F62A323DC6"},"safebrowsing":{"incidents_sent":"54C1DCF4E87F1F5D3EAFDB53EE46836980A425D9C9673DEB3BEDF627D3340414"},"search_provider_overrides":"EBB3F02DCB5CAC143EACA5552F3695835BCF0A7801F19CF28C401C71E386D72F","session":{"restore_on_startup":"2A00A7FFC2C852E13CAF5D119D04030DB950B026DC6E5B9DA568C9D3FF52E2DA","startup_urls":"A01A4FF6C5F31B5A5B8932C39E03E078B1C21C1A4C96ECA6B81CE12B18E41A16"},"settings_reset_prompt":{"last_triggered_for_default_search":"7B1B91357BB69A43F00B1B30600469C748E8EC95AE57A61535C27E14DC45A684","last_triggered_for_homepage":"1AE7B3DB3C10C2DDC66A430336BF0C6855BF0D2B0C29AAE38DE2F02C5C68D493","last_triggered_for_startup_urls":"86F63D5B6FFB3B287985F4FADF20718208E6D977D3584EB735145FD7A008D33E","prompt_wave":"97E25A6C1842AC80AE4C2F078EF0BCFADB54BC5DF31B393EE424A5B80AF8C061"},"software_reporter":{"prompt_seed":"4520A676D2922EEFAB3A3DB20F1BB035341ACCDE4A116FC0C3DF3F06A5A9E0CB","prompt_version":"8DD5E8C6CBE1EFFE144FEE369E719BA24BAB5E1E86543FF8B98C7811948CA91C","reporting":"5DB8BF940E09C64C366487A5C6E4F72404B75F47322D381A0030C4DCF04273C8"}},"super_mac":"BDF9FF91405D7BA67C27926A72717351CADF72B35D31EA0F67E8E55DCBE0CF47"},"safebrowsing":{"incidents_sent":{"1":{"default_search_provider_data.template_url_data":"1189971063","extensions.settings":"3187871417","safebrowsing.incidents_sent":"668060169","session.restore_on_startup":"3815919927","session.startup_urls":"2313326690"}}},"session":{"restore_on_startup":1,"startup_urls":["http://www.denik.cz/krimi/vysetrovani-t ... ount/Index"]},"settings_reset_prompt":{"prompt_wave":20190606},"sync":{}}
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... 02&pc=UE10"
{2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{37FE3127-D331-432F-BA62-C6FA353ED829} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{474B5B48-C606-45D6-85BD-240F1DC1BC5D} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
{E179443E-DC27-473B-A279-C9C8091DC7B4} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12454"
{F41CD5ED-2BB8-4D58-9A8C-3B826C405379} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
==== Reset Google Chrome ======================
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Secure Preferences was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Web Data was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Web Data-journal was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe\48ccfe06ae8cee90_PD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iastorui.exe\6effccfb19af2e23_PD deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast Driver Updater deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Danica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Danica\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3721 folders=578 1312967817 bytes)
==== Empty Temp Folders ======================
C:\Users\Danica\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Danica\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan.json" not found
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan_processes.json" not found
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\leaked_passwords.ini" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0ppFfl2.dat" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pam.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pamcore.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pampub.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\pam.db" not found
"C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Danica\AppData\Local\AVAST Software" not found
==== EOF on źt 23.05.2024 at 16:56:10,38 ======================
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Danica on źt 23.05.2024 at 16:37:05,30.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Danica\AppData\Local\Temp\7zO8E1684F5\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
23.5.2024 16:38:40 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\Program Files\TeamViewer deleted successfully
C:\PROGRA~3\{A64A1F66-D283-FE55-47E2-88AFC574CEB4} deleted successfully
C:\Users\Danica\AppData\Roaming\dvdcss deleted successfully
C:\Users\Danica\AppData\Roaming\MPC-HC deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\Danica\AppData\Local\CrashDumps deleted successfully
C:\Users\Danica\AppData\Local\ghisler deleted successfully
C:\Users\Danica\AppData\Local\MigWiz deleted successfully
C:\Users\Danica\AppData\Local\Skype deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949\prefs.js:
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Deleted from C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717\prefs.js:
Added to C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~3\{A64A1F66-D283-FE55-47E2-88AFC574CEB4} not found
C:\Users\Danica\AppData\Roaming\Seznam Browser deleted
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Danica\AppData\Local\AvastAntiTrackPremium deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\AVAST Software deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan.json" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan_processes.json" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\leaked_passwords.ini" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0ppFfl2.dat" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pam.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pamcore.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pampub.db" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\pam.db" not deleted
"C:\found.000" deleted
"C:\Users\Danica\AppData\Local\AVAST Software" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\Avast" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica" not deleted
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp" not deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\8qyzod9n.default-1549969440949
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\m8sflxe2.default
- Undetermined - %ProfilePath%\extensions\sko-extension@firma.seznam.cz
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Download YouTube Videos as MP4 - %ProfilePath%\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
ProfilePath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
- Undetermined - %ProfilePath%\extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi
==== Firefox Plugins ======================
Profilepath: C:\Users\Danica\AppData\Roaming\Mozilla\Firefox\Profiles\gbknvhym.default-1562830117717
9260F4DF290730F7BAF8E9217E8D21BD - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll - Silverlight Plug-In
887070B5A789D9DE6C52931168AD90EE - c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrlui.dll - Microsoft® Silverlight
4A270804DC8AB72DCB4F694D050A3517 - C:\Users\Danica\AppData\Roaming\IDM\bin\npWidevineMediaOptimizer.dll - Widevine Media Optimizer
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
Facebook - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm
passwords - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik
Blogger - Danica\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc
Avast SafePrice - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Avast Online Security - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Rich Hints Agent - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk
Opera Crypto Wallet - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk
Amazon Assistant Promotion - Danica\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk
==== Chromium Startpages ======================
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Preferences
3D74467C2978FC43C10267CC6B6133F27198C70995B4","last_username":"8DD4DDA01E7FA812807D208003076D5133D74B549A0D377FFA2B548A3C6F1C4E","username":"D41493C8D05705CDEF6DDD0F66C7692E358229945BD2F0D49538FB5B70C89DCC"}},"homepage":"6843FBB91BD20661C8A11ED3DDAE623669BEEF8675D5D338FD1D7C3C3451C9FE","homepage_is_newtabpage":"3516F1CBBEBFDFE02083D7A6295ACC710A2B7BD0FF4165AC18EA81B83E8505C0","media":{"cdm":{"origin_data":"8388B8FB1294F28D345CEA349140AA57324083B15E16511C62C0E79CF6F5C902","origins":"28CB7F9E82C9C98110FD91102AF0588D4D69FF6E18426690DE1AB846E1E1A11B"},"storage_id_salt":"A844E6B5F3BDC0B2426011F5DC7768C85C2880EB07A50ABD81B27799DF597762"},"module_blocklist_cache_md5_digest":"88868795DDF63CDCDE435338E35CDCA9CB5E75A160556BF26F11B78C7B54CDC8","pinned_tabs":"D2AEC015B58074204F6F0146B680619CDD0B8CDFB64D3F771A69C6476813BC99","prefs":{"preference_reset_time":"3B181E00BDB61594A8C53830EE38F068916D3CC25269849BFF37692ECECF9115"},"profile":{"reset_prompt_memento":"C289C5A282EA6B1FFC410377FF2BFFC6F90179EC7A63105582F678F62A323DC6"},"safebrowsing":{"incidents_sent":"54C1DCF4E87F1F5D3EAFDB53EE46836980A425D9C9673DEB3BEDF627D3340414"},"search_provider_overrides":"EBB3F02DCB5CAC143EACA5552F3695835BCF0A7801F19CF28C401C71E386D72F","session":{"restore_on_startup":"2A00A7FFC2C852E13CAF5D119D04030DB950B026DC6E5B9DA568C9D3FF52E2DA","startup_urls":"A01A4FF6C5F31B5A5B8932C39E03E078B1C21C1A4C96ECA6B81CE12B18E41A16"},"settings_reset_prompt":{"last_triggered_for_default_search":"7B1B91357BB69A43F00B1B30600469C748E8EC95AE57A61535C27E14DC45A684","last_triggered_for_homepage":"1AE7B3DB3C10C2DDC66A430336BF0C6855BF0D2B0C29AAE38DE2F02C5C68D493","last_triggered_for_startup_urls":"86F63D5B6FFB3B287985F4FADF20718208E6D977D3584EB735145FD7A008D33E","prompt_wave":"97E25A6C1842AC80AE4C2F078EF0BCFADB54BC5DF31B393EE424A5B80AF8C061"},"software_reporter":{"prompt_seed":"4520A676D2922EEFAB3A3DB20F1BB035341ACCDE4A116FC0C3DF3F06A5A9E0CB","prompt_version":"8DD5E8C6CBE1EFFE144FEE369E719BA24BAB5E1E86543FF8B98C7811948CA91C","reporting":"5DB8BF940E09C64C366487A5C6E4F72404B75F47322D381A0030C4DCF04273C8"}},"super_mac":"BDF9FF91405D7BA67C27926A72717351CADF72B35D31EA0F67E8E55DCBE0CF47"},"safebrowsing":{"incidents_sent":{"1":{"default_search_provider_data.template_url_data":"1189971063","extensions.settings":"3187871417","safebrowsing.incidents_sent":"668060169","session.restore_on_startup":"3815919927","session.startup_urls":"2313326690"}}},"session":{"restore_on_startup":1,"startup_urls":["http://www.denik.cz/krimi/vysetrovani-t ... ount/Index"]},"settings_reset_prompt":{"prompt_wave":20190606},"sync":{}}
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... 02&pc=UE10"
{2E2AE52D-B746-4D5A-8D87-040FF26DA1AD} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_12454"
{37FE3127-D331-432F-BA62-C6FA353ED829} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_12454"
{474B5B48-C606-45D6-85BD-240F1DC1BC5D} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{4A0FE769-7C54-4C0A-B4AB-3E525FB2DCB1} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454"
{4AC592D3-7BCD-4DC1-8B44-C589D17B7A37} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_12454"
{BB2D0F1E-B329-4EC6-9E6D-7AFE0321B394} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_12454"
{E179443E-DC27-473B-A279-C9C8091DC7B4} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_12454"
{F41CD5ED-2BB8-4D58-9A8C-3B826C405379} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_12454"
{F8D14E72-77A1-4FB6-AAEE-BB4FB3AAC7CA} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_12454"
==== Reset Google Chrome ======================
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Preferences was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Secure Preferences was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Web Data was reset successfully
C:\Users\Danica\AppData\Local\Seznam.cz\User Data\Default\Web Data-journal was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Danica\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe\48ccfe06ae8cee90_PD deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iastorui.exe\6effccfb19af2e23_PD deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Avast Driver Updater deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Danica\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Danica\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot
C:\Users\Danica\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=3721 folders=578 1312967817 bytes)
==== Empty Temp Folders ======================
C:\Users\Danica\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Danica\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan.json" not found
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\datascan_processes.json" not found
"C:\Users\Danica\AppData\Local\AVAST Software\Avast\leaked_passwords.ini" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0ppFfl2.dat" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pam.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pamcore.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\kv_pampub.db" not found
"C:\Users\Danica\AppData\Local\AVAST Software\APM\Danica\zhCphRypyrfTg0pp\pam.db" not found
"C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Danica\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Danica\AppData\Local\AVAST Software" not found
==== EOF on źt 23.05.2024 at 16:56:10,38 ======================
Děkuji!
Danica Tomášková
Danica Tomášková
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Ok. Nyní jste vyčistila všechny prohlížeče. Pokud by se problém znovu objevil, nemůže už být na vašem PC a bude třeba to řešit s ČSOB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 118375
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventivku
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?